/**
 * Package entry point: answers the "copy_from_template_zones" request.
 *
 * Loads the template named by $_REQUEST['template'] and prints a JSON list with
 * one entry per template section followed by one entry per textual property
 * (types "text", "textarea", "rich_textarea"), then calls core_terminate().
 * Any other "act" value produces no output; the function has no return statement.
 *
 * NOTE(review): $_REQUEST['template'] reaches template::load() unvalidated here;
 * confirm that load() constrains the identifier it accepts.
 * NOTE(review): no permission check is visible in this function; presumably the
 * caller enforces the session. Verify.
 */
function run()
{
    global $layout;
    global $DB;
    global $website;
    global $theme;

    $out = '';

    switch ($_REQUEST['act']) {
        case "copy_from_template_zones":
            // return template sections and (textarea) properties for a content id
            $template = new template();
            $template->load($_REQUEST['template']);

            $zones = array();

            // one zone per template section; the "#main#" placeholder gets a fixed label
            $section_count = count($template->sections);
            for ($index = 0; $index < $section_count; $index++) {
                $section = $template->sections[$index];
                $label = $theme->t($section['name']);
                if ($label == '#main#') {
                    $label = t(238, 'Main content');
                }
                $zones[] = array(
                    'type' => 'section',
                    'code' => $section['code'],
                    'title' => $label,
                );
            }

            // one zone per textual property; every other property type is skipped
            $textual_types = array("text", "textarea", "rich_textarea");
            $property_count = count($template->properties);
            for ($index = 0; $index < $property_count; $index++) {
                $property = $template->properties[$index];
                if (in_array($property->type, $textual_types)) {
                    $zones[] = array(
                        'type' => 'property',
                        'code' => $property->id,
                        'title' => $theme->t($property->name),
                    );
                }
            }

            echo json_encode($zones);
            core_terminate();
            break;
    }
}
/**
 * Grid notes dispatcher: maps $_REQUEST['act'] to a grid_notes operation.
 *
 *  - grid_note_background:   grid_notes::background(object, id, background)
 *  - grid_notes_comments:    prints grid_notes::comments(object, id, false) as JSON
 *  - grid_notes_add_comment: prints the result of grid_notes::add_comment(...)
 *  - grid_note_remove:       prints the result of grid_notes::remove(id)
 *
 * Every handled action ends with core_terminate(); unknown actions do nothing.
 *
 * NOTE(review): all arguments are taken from $_REQUEST and handed to grid_notes
 * unchanged, and no permission or anti-CSRF check is visible here. Confirm that
 * grid_notes (or the caller) validates them, in particular for the state-changing
 * add/remove/background actions.
 *
 * @return string always the empty string when control reaches the end
 */
function run()
{
    $out = '';

    // a missing "act" is tolerated on purpose (the original suppresses the notice)
    $action = @$_REQUEST['act'];

    if ($action == 'grid_note_background') {
        grid_notes::background($_REQUEST['object'], $_REQUEST['id'], $_REQUEST['background']);
        core_terminate();
    } elseif ($action == 'grid_notes_comments') {
        $comments = grid_notes::comments($_REQUEST['object'], $_REQUEST['id'], false);
        echo json_encode($comments);
        core_terminate();
    } elseif ($action == 'grid_notes_add_comment') {
        echo grid_notes::add_comment(
            $_REQUEST['object'],
            $_REQUEST['id'],
            $_REQUEST['comment'],
            $_REQUEST['background']
        );
        core_terminate();
    } elseif ($action == 'grid_note_remove') {
        echo grid_notes::remove($_REQUEST['id']);
        core_terminate();
    }

    return $out;
}
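/**
 * Executes a Navigate CMS function taking the 'fid' url parameter
 * fid can be the name of the package (p.e. "dashboard") or its numeric assignment (p.e. "6")
 * note: if no "fid" is found, then loads the first available menu function
 *
 * Security-relevant behaviour:
 *  - the package file is included from a path built with the codename returned by
 *    core_load_function(); the codename is only used when it is a plain name
 *    (no path separators, no NUL byte, not "." or "..")
 *  - the "not found" message echoes the requested fid, so both values are
 *    HTML-escaped before being placed in the markup
 *
 * @return mixed Navigate CMS package output
 */
function core_run()
{
    global $layout;
    global $menu_layout;

    $content = "";
    $fid = 'dashboard'; // default function

    // only scalar values are accepted; fid[]=... would otherwise reach string contexts as an array
    if (isset($_REQUEST['fid']) && is_scalar($_REQUEST['fid'])) {
        $fid = $_REQUEST['fid'];
    }

    $f = core_load_function($fid);

    if (empty($f) && ($fid == "dashboard" || empty($fid))) {
        // load first function available
        $fid = $menu_layout->menus[0]->items[0]->codename;
        if (empty($fid)) {
            $fid = "unknown";
        } else {
            header('location: ' . NAVIGATE_MAIN . '?fid=' . rawurlencode($fid));
            core_terminate();
        }
    }

    // $f may be empty at this point (unknown fid); never dereference it blindly
    $codename = '';
    if (is_object($f) && isset($f->codename)) {
        $codename = (string) $f->codename;
    }

    // the codename becomes part of an include path: accept a bare directory name only
    $codename_is_safe = $codename !== ''
        && $codename !== '.'
        && $codename !== '..'
        && strpbrk($codename, "/\\\0") === false;

    $package_file = 'lib/packages/' . $codename . '/' . $codename . '.php';

    if ($codename_is_safe && file_exists($package_file)) {
        include $package_file;
        $content = run();
    } else {
        // $fid is request data: escape it (and the codename) before emitting HTML
        $content = 'function ' . htmlspecialchars((string) $fid, ENT_QUOTES, 'UTF-8')
            . ': <strong>' . htmlspecialchars($codename, ENT_QUOTES, 'UTF-8')
            . '</strong> has not been found!';
    }

    return $content;
}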
/**
 * Permissions dispatcher: serves the "list" action as jqGrid JSON.
 *
 * Reads object, page, rows, object_id and website from $_REQUEST, fetches the
 * rows with nvweb_permissions_rows() and prints them with navitable::jqgridJson(),
 * then calls core_terminate(). Other actions do nothing; nothing is returned.
 *
 * NOTE(review): "object" is passed to nvweb_permissions_rows() as received, while
 * the numeric parameters are cast with intval(). Confirm the callee validates the
 * object type. The website id also comes from the request rather than from the
 * current session; verify that this is intended.
 */
function run()
{
    global $DB;

    // a missing "act" is tolerated on purpose (the original suppresses the notice)
    if (@$_REQUEST['act'] == 'list') {
        $object_type = $_REQUEST['object'];

        $page = intval($_REQUEST['page']);
        $max = intval($_REQUEST['rows']);
        $object_id = intval($_REQUEST['object_id']);
        $ws_id = intval($_REQUEST['website']);

        $offset = ($page - 1) * $max;

        $rows = nvweb_permissions_rows($ws_id, $object_type, $object_id);
        $row_count = count($rows);

        navitable::jqgridJson($rows, $page, $offset, $max, $row_count);
        core_terminate();
    }
}
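/**
 * Blocks package dispatcher: routes $_REQUEST['act'] to the matching operation.
 *
 * Actions (numeric aliases in parentheses):
 *  - json (1): grid backend. oper=del deletes the blocks listed in "ids"; any other
 *    oper lists/searches nv_blocks and prints jqGrid JSON. Always exits.
 *  - load / edit (2): block form; saves first when "form-sent" is present.
 *  - delete (4): removes one block.
 *  - path (5): JSON autocomplete over nv_paths.
 *  - block_groups_list / block_groups_json / block_group_edit / block_group_delete
 *  - block_types_list / block_types_json / block_type_edit (82) / block_type_delete (84)
 *  - block_property_load / block_property_save / block_property_remove
 *  - block_group_block_options / block_group_extension_block_options
 *  - anything else: the blocks list.
 *
 * Hardening applied in this function:
 *  - "sidx"/"sord" end up in the ORDER BY of the listing query, so the column must
 *    be a plain (optionally table-qualified) identifier and the direction asc/desc;
 *    anything else falls back to "b.id" / "asc".
 *  - "ids" must be an array of scalars; each id is cast to int before loading.
 *  - a negative OFFSET (page 0) is clamped to 0.
 *
 * NOTE(review): no permission or anti-CSRF check is visible here, yet several
 * actions delete or modify data on a plain request. Confirm the caller enforces both.
 * NOTE(review): save actions log json_encode($_REQUEST); check that no secrets
 * travel in those requests.
 *
 * @return mixed HTML for the admin layout (handled JSON actions exit instead)
 * @throws Exception when the listing query fails
 */
function run()
{
    global $layout;
    global $DB;
    global $website;

    $out = '';
    $item = new block();

    switch ($_REQUEST['act']) {
        case 'json':
        case 1: // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del': // remove rows
                    $ids = isset($_REQUEST['ids']) ? $_REQUEST['ids'] : array();
                    if (!is_array($ids)) {
                        $ids = array();
                    }
                    foreach ($ids as $id) {
                        // nested arrays would turn into 1 under intval(); skip them
                        if (!is_scalar($id)) {
                            continue;
                        }
                        $item->load(intval($id));
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;

                default: // list or search
                    // translation of request search & order fields
                    switch (isset($_REQUEST['searchField']) ? $_REQUEST['searchField'] : null) {
                        case 'id':
                            $_REQUEST['searchField'] = 'b.id';
                            break;
                        case 'type':
                            $_REQUEST['searchField'] = 'b.type';
                            break;
                        case 'title':
                            $_REQUEST['searchField'] = 'd.text';
                            break;
                        case 'category':
                            $_REQUEST['searchField'] = 'b.category';
                            break;
                        case 'dates':
                            $_REQUEST['searchField'] = 'b.date_published';
                            break;
                        case 'enabled':
                            $_REQUEST['searchField'] = 'b.enabled';
                            break;
                        case 'date_modified':
                        default:
                            $_REQUEST['searchField'] = 'b.date_modified';
                    }

                    if (isset($_REQUEST['sidx']) && $_REQUEST['sidx'] == 'dates') {
                        $_REQUEST['sidx'] = 'b.date_published';
                    }

                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    $offset = max(0, ($page - 1) * $max);

                    // ORDER BY cannot be parameterised: accept a single identifier and asc/desc only
                    $sort_column = (isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx'])) ? $_REQUEST['sidx'] : '';
                    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/D', $sort_column)) {
                        $sort_column = 'b.id';
                    }
                    $sort_direction = (isset($_REQUEST['sord']) && is_string($_REQUEST['sord'])) ? $_REQUEST['sord'] : '';
                    if (!in_array(strtolower($sort_direction), array('asc', 'desc'), true)) {
                        $sort_direction = 'asc';
                    }
                    $orderby = $sort_column . ' ' . $sort_direction;

                    $where = " 1=1 ";

                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        // NOTE(review): the three helpers below return SQL fragments built from
                        // request data; their escaping is not visible here. Verify.
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                $where .= navitable::jqgridsearch($_REQUEST['filters']);
                                // special case: the grid's "title" column lives in the dictionary table
                                if (strpos($where, 'title LIKE') !== false) {
                                    $where = substr_replace($where, 'd.text', strpos($where, 'title LIKE'), 5);
                                }
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare(
                                    $_REQUEST['searchField'],
                                    $_REQUEST['searchOper'],
                                    $_REQUEST['searchString']
                                );
                            }
                        }
                    }

                    $sql = ' SELECT SQL_CALC_FOUND_ROWS b.*, d.text as title'
                        . ' FROM nv_blocks b'
                        . ' LEFT JOIN nv_webdictionary d'
                        . ' ON b.id = d.node_id'
                        . ' AND d.node_type = "block"'
                        . ' AND d.subtype = "title"'
                        . ' AND d.lang = "' . $website->languages_list[0] . '"'
                        . ' AND d.website = ' . $website->id
                        . ' WHERE ' . $where
                        . ' AND b.website = ' . $website->id
                        . ' ORDER BY ' . $orderby
                        . ' LIMIT ' . $max
                        . ' OFFSET ' . $offset;

                    if (!$DB->query($sql, 'array')) {
                        throw new Exception($DB->get_last_error());
                    }

                    $dataset = $DB->result();
                    $total = $DB->foundRows();

                    // map each block type key (code for numeric ids, id otherwise) to its title
                    $block_types = block::types();
                    $block_types_list = array();
                    for ($i = 0; $i < count($block_types); $i++) {
                        if (is_numeric($block_types[$i]['id'])) {
                            $block_types_list[$block_types[$i]['code']] = $block_types[$i]['title'];
                        } else {
                            $block_types_list[$block_types[$i]['id']] = $block_types[$i]['title'];
                        }
                    }

                    $dataset = grid_notes::summary($dataset, 'block', 'id');

                    // icons for the "access" column (same for every row)
                    $access = array(
                        0 => '<img src="img/icons/silk/page_white_go.png" align="absmiddle" title="' . t(254, 'Everybody') . '" />',
                        1 => '<img src="img/icons/silk/lock.png" align="absmiddle" title="' . t(361, 'Web users only') . '" />',
                        2 => '<img src="img/icons/silk/user_gray.png" align="absmiddle" title="' . t(363, 'Users who have not yet signed up or signed in') . '" />',
                        3 => '<img src="img/icons/silk/group_key.png" align="absmiddle" title="' . t(512, "Selected web user groups") . '" />',
                    );

                    // we need to format the values and retrieve the needed strings from the dictionary
                    $out = array();
                    for ($i = 0; $i < count($dataset); $i++) {
                        if (empty($dataset[$i])) {
                            continue;
                        }

                        if (empty($dataset[$i]['date_published'])) {
                            $dataset[$i]['date_published'] = '∞';
                        } else {
                            $dataset[$i]['date_published'] = core_ts2date($dataset[$i]['date_published'], false);
                        }

                        if (empty($dataset[$i]['date_unpublish'])) {
                            $dataset[$i]['date_unpublish'] = '∞';
                        } else {
                            $dataset[$i]['date_unpublish'] = core_ts2date($dataset[$i]['date_unpublish'], false);
                        }

                        if ($dataset[$i]['category'] > 0) {
                            // the category id is cast to int before it enters the condition string
                            $dataset[$i]['category'] = $DB->query_single(
                                'text',
                                'nv_webdictionary',
                                ' node_type = "structure" AND node_id = "' . intval($dataset[$i]['category']) . '" AND subtype = "title" AND lang = "' . $website->languages_list[0] . '" '
                            );
                        }

                        // NOTE(review): the title is placed into the markup as stored; if block
                        // titles are not sanitised on save this cell is an HTML injection point.
                        $out[$i] = array(
                            0 => $dataset[$i]['id'],
                            1 => $block_types_list[$dataset[$i]['type']],
                            2 => '<div class="list-row" data-enabled="' . $dataset[$i]['enabled'] . '">' . $dataset[$i]['title'] . '</div>',
                            3 => $dataset[$i]['date_published'] . ' - ' . $dataset[$i]['date_unpublish'],
                            4 => $access[$dataset[$i]['access']],
                            5 => $dataset[$i]['enabled'] == 1 ? '<img src="img/icons/silk/accept.png" />' : '<img src="img/icons/silk/cancel.png" />',
                            6 => $dataset[$i]['_grid_notes_html'],
                        );
                    }

                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }

            session_write_close();
            exit;
            break;

        case 'load':
        case 'edit':
        case 2: // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }

            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('block', $item->id);
                    $id = $item->id;

                    // set block order
                    if (!empty($item->type) && !empty($_REQUEST['blocks-order'])) {
                        block::reorder($item->type, $_REQUEST['blocks-order'], $_REQUEST['blocks-order-fixed']);
                    }

                    // reload from storage so the form shows what was actually saved
                    unset($item);
                    $item = new block();
                    $item->load($id);

                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                users_log::action($_REQUEST['fid'], $item->id, 'save', $item->dictionary[$website->languages_list[0]]['title'], json_encode($_REQUEST));
            } else {
                users_log::action($_REQUEST['fid'], $item->id, 'load', $item->dictionary[$website->languages_list[0]]['title']);
            }

            $out = blocks_form($item);
            break;

        case 'delete':
        case 4: // remove
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $out = blocks_list();
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = blocks_form($item);
                }
                users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->dictionary[$website->languages_list[0]]['title']);
            }
            break;

        case 'path':
        case 5: // search an existing path
            // protect() is relied upon to quote and escape the LIKE operand
            $DB->query('SELECT path as id, path as label, path as value FROM nv_paths WHERE path LIKE ' . protect('%' . $_REQUEST['term'] . '%') . ' AND website = ' . $website->id . ' ORDER BY path ASC LIMIT 10', 'array');
            echo json_encode($DB->result());
            core_terminate();
            break;

        case 'block_groups_list':
            $out = block_groups_list();
            break;

        case 'block_groups_json': // block groups: json data retrieval
            $page = intval($_REQUEST['page']);
            $max = intval($_REQUEST['rows']);
            $offset = ($page - 1) * $max;

            // NOTE(review): sidx/sord are forwarded as received; confirm paginated_list()
            // validates them before using them for ordering.
            list($rs, $total) = block_group::paginated_list($offset, $max, $_REQUEST['sidx'], $_REQUEST['sord']);
            $rs = grid_notes::summary($rs, 'block_group', 'id');

            // translate $rs to an array of ordered fields
            $dataset = array(); // stays an empty list when there are no groups
            foreach ($rs as $row) {
                if (substr($row['blocks'], 0, 2) == 'a:') {
                    // nv < 2.1
                    // NOTE(review): PHP-serialized data is decoded here; acceptable only while
                    // this column can never hold attacker-supplied bytes. Verify.
                    $row['blocks'] = mb_unserialize($row['blocks']);
                } else {
                    // nv >= 2.1
                    $row['blocks'] = json_decode($row['blocks'], true);
                }

                $dataset[] = array(
                    'id' => $row['id'],
                    'code' => $row['code'],
                    'title' => $row['title'],
                    // undecodable data counts as zero blocks instead of failing in count()
                    'blocks' => is_array($row['blocks']) ? count($row['blocks']) : 0,
                    'notes' => $row['_grid_notes_html'],
                );
            }

            navitable::jqgridJson($dataset, $page, $offset, $max, $total, 'id');
            session_write_close();
            exit;
            break;

        case 'block_group_edit':
            $item = new block_group();
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }

            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                users_log::action($_REQUEST['fid'], $item->id, 'save', $item->title, json_encode($_REQUEST));
            } else {
                if (!empty($_REQUEST['id'])) {
                    users_log::action($_REQUEST['fid'], $item->id, 'edit', $item->title);
                }
            }

            $out = block_group_form($item);
            break;

        case 'block_group_delete':
            $item = new block_group();
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $out = block_groups_list();
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = block_group_form($item);
                }
                users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->title);
            }
            break;

        case 'block_types_list':
            $out = blocks_types_list();
            break;

        case 'block_types_json': // block types: json data retrieval
            $page = intval($_REQUEST['page']);
            $max = intval($_REQUEST['rows']);
            $offset = ($page - 1) * $max;

            // NOTE(review): sidx/sord are forwarded as received; confirm block::types()
            // validates them.
            $rs = block::types($_REQUEST['sidx'], $_REQUEST['sord']);
            $block_modes = block::modes();

            // translate $rs to an array of ordered fields
            $dataset = array(); // stays an empty list when there are no types
            foreach ($rs as $row) {
                $dataset[] = array(
                    'id' => $row['id'],
                    'type' => $block_modes[$row['type']],
                    'code' => $row['code'],
                    'title' => $row['title'],
                    'width' => $row['width'],
                    'height' => $row['height'],
                );
            }

            $total = count($dataset);
            navitable::jqgridJson($dataset, $page, $offset, $max, $total, 'id');
            session_write_close();
            exit;
            break;

        case 'block_type_edit':
        case 82: // edit/create block type
            $item = NULL;
            $position = NULL;
            $max_id = 0;

            // find the requested custom type and remember the highest id in use
            $dataset = block::custom_types();
            for ($i = 0; $i < count($dataset); $i++) {
                if ($dataset[$i]['id'] > $max_id) {
                    $max_id = $dataset[$i]['id'];
                }
                if ($dataset[$i]['id'] == $_REQUEST['id']) {
                    $item = $dataset[$i];
                    $position = $i;
                }
            }

            if (empty($item)) {
                $layout->navigate_notification(t(599, "Sorry, can't display a theme block type info."));
                $out = blocks_types_list();
            } else {
                if (isset($_REQUEST['form-sent'])) {
                    // NOTE(review): unreachable as written; $item is never empty inside this
                    // branch, so a new type cannot be created through this path.
                    if (empty($item)) {
                        $item = array('id' => $max_id + 1);
                    }

                    // NOTE(review): values are stored as received (only "notes" goes through
                    // pquotes()); they must be escaped wherever they are rendered.
                    $item['type'] = $_REQUEST['type'];
                    $item['title'] = $_REQUEST['title'];
                    $item['code'] = $_REQUEST['code'];
                    $item['width'] = $_REQUEST['width'];
                    $item['height'] = $_REQUEST['height'];
                    $item['order'] = $_REQUEST['order'];
                    $item['maximum'] = $_REQUEST['maximum'];
                    $item['notes'] = pquotes($_REQUEST['notes']);

                    if (!is_null($position)) {
                        $dataset[$position] = $item;
                    } else {
                        $dataset[] = $item;
                    }

                    try {
                        // save
                        $ok = block::types_update($dataset);
                        $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                    } catch (Exception $e) {
                        $layout->navigate_notification($e->getMessage(), true, true);
                    }
                }
                $out = blocks_type_form($item);
            }
            break;

        case 'block_type_delete':
        case 84: // remove block type
            $dataset = block::custom_types();
            $item = NULL;
            for ($i = 0; $i < count($dataset); $i++) {
                if ($dataset[$i]['id'] == $_REQUEST['id']) {
                    // NOTE(review): unset() leaves a gap in the numeric keys; confirm
                    // types_update() and the index-based loops over custom types cope with it.
                    unset($dataset[$i]);
                    break;
                }
            }

            try {
                block::types_update($dataset);
                $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                $out = blocks_types_list();
            } catch (Exception $e) {
                $out = $layout->navigate_message("error", t(23, 'Blocks'), t(56, 'Unexpected error.'));
            }
            break;

        case 'block_property_load':
            $property = new property();
            if (!empty($_REQUEST['id'])) {
                if (is_numeric($_REQUEST['id'])) {
                    $property->load(intval($_REQUEST['id']));
                } else {
                    $property->load_from_theme($_REQUEST['id'], null, 'block', $_REQUEST['block']);
                }
            }

            header('Content-type: text/json');
            $types = property::types();
            $property->type_text = $types[$property->type];
            echo json_encode($property);
            session_write_close();
            exit;
            break;

        case 'block_property_save': // save property details
            $property = new property();
            if (!empty($_REQUEST['property-id'])) {
                $property->load(intval($_REQUEST['property-id']));
            }
            $property->load_from_post();
            $property->save();

            header('Content-type: text/json');
            $types = property::types();
            $property->type_text = $types[$property->type];
            echo json_encode($property);
            session_write_close();
            exit;
            break;

        case 'block_property_remove': // remove property
            $property = new property();
            if (!empty($_REQUEST['property-id'])) {
                $property->load(intval($_REQUEST['property-id']));
            }
            // NOTE(review): delete() also runs when no property was loaded; confirm that
            // deleting an empty property object is a no-op.
            $property->delete();
            session_write_close();
            exit;
            break;

        case 'block_group_block_options':
            $status = null;
            $block_group = $_REQUEST['block_group'];
            $block_code = $_REQUEST['code'];
            $block_uid = $_REQUEST['block_uid'];

            if (isset($_REQUEST['form-sent'])) {
                $status = property::save_properties_from_post('block_group_block', $block_code, $block_group, $block_code, $block_uid);
            }

            // NOTE(review): the three request values are handed to the form builder as
            // received; confirm it escapes them before they reach the markup.
            $out = block_group_block_options($block_group, $block_code, $block_uid, $status);
            echo $out;
            core_terminate();
            break;

        case 'block_group_extension_block_options':
            $status = null;
            $block_group = $_REQUEST['block_group']; // block_group type
            $block_id = $_REQUEST['block_id']; // extension block id (type)
            $block_uid = $_REQUEST['block_uid']; // extension block unique id
            $block_extension = $_REQUEST['block_extension']; // extension name

            if (isset($_REQUEST['form-sent'])) {
                $status = property::save_properties_from_post('extension_block', $block_group, $block_id, null, $block_uid);
            }

            // NOTE(review): same as above, request values go to the form builder unchanged.
            $out = block_group_extension_block_options($block_group, $block_extension, $block_id, $block_uid, $status);
            echo $out;
            core_terminate();
            break;

        case 0: // list / search result
        default:
            $out = blocks_list();
            break;
    }

    return $out;
}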
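/**
 * Builds a full backup of the current website as a ZIP file in the private folder.
 *
 * Steps, each reflected in $this->status and persisted with $this->update():
 *  database   -> one JSON export per object type, stored as database/<type>.json
 *  themes     -> themes, website templates and webgets
 *  extensions -> the plugins folder
 *  files      -> the website uploads
 *  compress   -> the archive is closed (written to disk)
 *  completed  -> $this->size and $this->file are filled in
 *
 * Does nothing but call core_terminate() when $this->status is already set
 * (protection against a double process call).
 *
 * NOTE(review): the archive holds exports of the "user" and "webuser" object types
 * next to all uploads, it is named backup-<unix time>.zip and its folder is created
 * with mode 0755. Confirm that NAVIGATE_PRIVATE is never served by the web server
 * and is not readable by other local accounts.
 * NOTE(review): files are added with a path relative to NAVIGATE_PATH, which assumes
 * both that the working directory is NAVIGATE_PATH and that NAVIGATE_PRIVATE lives
 * below it. Verify.
 *
 * @throws Exception when the ZIP file cannot be created
 */
public function backup()
{
    global $website;
    global $DB;

    // protection against double process call
    if (!empty($this->status)) {
        core_terminate();
    }

    // prepare temporary folder
    $backups_dir = NAVIGATE_PRIVATE . '/' . $website->id . '/backups';
    if (!file_exists($backups_dir)) {
        // best effort: a failure here surfaces in ZipArchive::open() just below
        @mkdir($backups_dir, 0755, true);
    }

    $zip = new ZipArchive();
    $backup_filename = '/' . $website->id . '/backups/backup-' . time() . '.zip';
    $backup_path = NAVIGATE_PRIVATE . $backup_filename;

    if ($zip->open($backup_path, ZipArchive::CREATE) !== true) {
        // report the path that was actually attempted (the timestamp is not recomputed)
        $error = 'ZipArchive error: ' . $backup_path;
        $this->status = $error;
        $this->update();
        throw new Exception($error);
    }

    $this->status = 'database';
    $this->update();

    // database
    //--> call the exporter (backup) of each object type
    $objects = array(
        'block', 'item', 'comment', 'feed', 'file', 'grid_notes', 'menu', 'path',
        'profile', 'property', 'structure', 'template', 'user', 'permission',
        'webdictionary', 'webdictionary_history', 'website', 'webuser',
        'webuser_group', 'webuser_vote',
    );

    // class files needed by the exporters (fixed list, nothing here comes from input)
    $class_files = array(
        '/lib/packages/blocks/block.class.php',
        '/lib/packages/items/item.class.php',
        '/lib/packages/comments/comment.class.php',
        '/lib/packages/feeds/feed.class.php',
        '/lib/packages/files/file.class.php',
        '/lib/packages/grid_notes/grid_notes.class.php',
        '/lib/packages/menus/menu.class.php',
        '/lib/packages/paths/path.class.php',
        '/lib/packages/profiles/profile.class.php',
        '/lib/packages/properties/property.class.php',
        '/lib/packages/structure/structure.class.php',
        '/lib/packages/templates/template.class.php',
        '/lib/packages/permissions/permission.class.php',
        '/lib/core/user.class.php',
        '/lib/packages/webdictionary/webdictionary.class.php',
        '/lib/packages/webdictionary/webdictionary_history.class.php',
        '/lib/packages/websites/website.class.php',
        '/lib/packages/webusers/webuser.class.php',
        '/lib/packages/webusers/webuser_group.class.php',
        '/lib/packages/webusers/webuser_profile.class.php',
        '/lib/packages/webuser_votes/webuser_vote.class.php',
    );
    foreach ($class_files as $class_file) {
        include_once NAVIGATE_PATH . $class_file;
    }

    foreach ($objects as $object) {
        $json = $object::backup('json');
        $zip->addFromString('database/' . $object . '.json', $json);
    }

    // adds every regular file found below $root, stored relative to NAVIGATE_PATH
    $add_tree = function ($root) use ($zip) {
        $files = rglob("*", GLOB_MARK, $root);
        if (!is_array($files)) {
            return;
        }
        foreach ($files as $file) {
            if (!file_exists($file)) {
                continue;
            }
            $file = substr($file, strlen(NAVIGATE_PATH . '/'));
            // GLOB_MARK appends a separator to directories: skip them
            $last_char = substr($file, -1, 1);
            if ($last_char == "\\" || $last_char == "/") {
                continue;
            }
            $zip->addFile($file);
        }
    };

    // themes
    $DB->reconnect();
    $this->status = 'themes';
    $this->update();
    $add_tree(NAVIGATE_PATH . '/themes');

    // templates
    $add_tree(NAVIGATE_PRIVATE . '/' . $website->id . '/templates');

    // webgets
    $add_tree(NAVIGATE_PRIVATE . '/' . $website->id . '/webgets');

    // extensions
    $DB->reconnect();
    $this->status = 'extensions';
    $this->update();
    $add_tree(NAVIGATE_PATH . '/plugins');

    // files (uploads)
    $DB->reconnect();
    $this->status = 'files';
    $this->update();
    $add_tree(NAVIGATE_PRIVATE . '/' . $website->id . '/files');

    $DB->reconnect();
    $this->status = 'compress';
    $this->update();

    // compress
    $zip->close();

    // to do: upload to naviwebs backup service (status "upload" when $this->upload is set)

    $DB->reconnect();
    $this->status = 'completed';
    $this->size = filesize($backup_path);
    $this->file = $backup_filename;
    $this->update();

    unset($zip);
}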
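/**
 * Web users package dispatcher: routes $_REQUEST['act'] to the matching operation.
 *
 * Actions (numeric aliases in parentheses):
 *  - json (1): grid backend. oper=del deletes the web users listed in "ids"; any other
 *    oper lists/searches nv_webusers and prints jqGrid JSON. Always exits.
 *  - create / edit (2): web user form; saves first when "form-sent" is present.
 *  - remove (4): deletes one web user.
 *  - 90: JSON list of timezones for a country.
 *  - export: logs the action and calls webuser::export().
 *  - webuser_groups_list / webuser_groups_json / webuser_group_edit / webuser_group_delete
 *  - list (0) and anything else: the web users list.
 *
 * Hardening applied in this function:
 *  - username, e-mail and full name are values supplied by site visitors; they are
 *    HTML-escaped before being placed in the grid markup (double_encode is off, so
 *    values that are already entity-encoded are not encoded twice).
 *  - "sidx"/"sord" are forwarded as the ORDER BY of the listing: the column must be
 *    empty or a plain identifier (else "id"), the direction empty or asc/desc (else "asc").
 *  - "ids" must be an array of scalars; each id is cast to int before loading.
 *  - a negative offset (page 0) is clamped to 0.
 *
 * NOTE(review): no permission or anti-CSRF check is visible here, yet delete and
 * export run on a plain request. Confirm the caller enforces both.
 * NOTE(review): save actions log json_encode($_REQUEST), which for this form
 * presumably includes the submitted password field. Verify and redact.
 *
 * @return mixed HTML for the admin layout (handled JSON actions exit instead)
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;

    $out = '';
    $item = new webuser();

    switch ($_REQUEST['act']) {
        // json data retrieval & operations
        case 'json':
        case 1:
            switch ($_REQUEST['oper']) {
                case 'del': // remove rows
                    $ids = isset($_REQUEST['ids']) ? $_REQUEST['ids'] : array();
                    if (!is_array($ids)) {
                        $ids = array();
                    }
                    foreach ($ids as $id) {
                        // nested arrays would turn into 1 under intval(); skip them
                        if (!is_scalar($id)) {
                            continue;
                        }
                        $item->load(intval($id));
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;

                default: // list or search
                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    $offset = max(0, ($page - 1) * $max);

                    // ORDER BY cannot be parameterised: accept a single identifier and asc/desc only
                    $sort_column = (isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx'])) ? $_REQUEST['sidx'] : '';
                    if ($sort_column !== '' && !preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/D', $sort_column)) {
                        $sort_column = 'id';
                    }
                    $sort_direction = (isset($_REQUEST['sord']) && is_string($_REQUEST['sord'])) ? $_REQUEST['sord'] : '';
                    if ($sort_direction !== '' && !in_array(strtolower($sort_direction), array('asc', 'desc'), true)) {
                        $sort_direction = 'asc';
                    }
                    $orderby = $sort_column . ' ' . $sort_direction;

                    $where = ' website = ' . $website->id;

                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        // NOTE(review): the three helpers below return SQL fragments built from
                        // request data; their escaping is not visible here. Verify.
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                $filters = $_REQUEST['filters'];
                                if (is_array($filters)) {
                                    $filters = json_encode($filters);
                                }
                                $where .= navitable::jqgridsearch($filters);
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare(
                                    $_REQUEST['searchField'],
                                    $_REQUEST['searchOper'],
                                    $_REQUEST['searchString']
                                );
                            }
                        }
                    }

                    $DB->queryLimit(
                        'id,avatar,username,email,fullname,groups,joindate,access,access_begin,access_end',
                        'nv_webusers',
                        $where,
                        $orderby,
                        $offset,
                        $max
                    );

                    $dataset = $DB->result();
                    $total = $DB->foundRows();

                    $dataset = grid_notes::summary($dataset, 'webuser', 'id');

                    // kept as a global because the original exposes the list that way
                    global $webusers_groups_all;
                    $webusers_groups_all = webuser_group::all_in_array();

                    // escapes a stored value for HTML text and attribute contexts
                    $esc = function ($value) {
                        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
                    };

                    // resolves a group id to its name; empty ids yield null
                    $group_name = function ($in) use ($webusers_groups_all) {
                        if (empty($in)) {
                            return;
                        }
                        return isset($webusers_groups_all[$in]) ? $webusers_groups_all[$in] : null;
                    };

                    $now = time();

                    $out = array();
                    for ($i = 0; $i < count($dataset); $i++) {
                        // groups are stored as "g1,g2,...": strip the prefix and resolve the names
                        $wug = str_replace('g', '', $dataset[$i]['groups']);
                        $wug = explode(',', $wug);
                        $wug = array_map($group_name, $wug);

                        // allowed when access is 0, or when access is 2 and "now" falls inside
                        // the optional begin/end window (0 means no limit on that side)
                        $blocked = 1;
                        if ($dataset[$i]['access'] == 0
                            || (
                                $dataset[$i]['access'] == 2
                                && ($dataset[$i]['access_begin'] == 0 || $dataset[$i]['access_begin'] < $now)
                                && ($dataset[$i]['access_end'] == 0 || $dataset[$i]['access_end'] > $now)
                            )
                        ) {
                            $blocked = 0;
                        }

                        $username = $esc($dataset[$i]['username']);

                        $avatar = '';
                        if (!empty($dataset[$i]['avatar'])) {
                            $avatar = '<img title="' . $username . '" src="' . NAVIGATE_DOWNLOAD . '?wid=' . $website->id . '&id=' . urlencode($dataset[$i]['avatar']) . '&disposition=inline&width=32&height=32" />';
                        }

                        $out[$i] = array(
                            0 => $dataset[$i]['id'],
                            1 => $avatar,
                            2 => '<div class="list-row" data-blocked="' . $blocked . '" title="' . $esc($dataset[$i]['email']) . '">' . $username . '</div>',
                            3 => $esc($dataset[$i]['fullname']),
                            4 => implode("<br />", $wug),
                            5 => core_ts2date($dataset[$i]['joindate'], true),
                            6 => $blocked == 0 ? '<img src="img/icons/silk/accept.png" />' : '<img src="img/icons/silk/cancel.png" />',
                            7 => $dataset[$i]['_grid_notes_html'],
                        );
                    }

                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }

            session_write_close();
            exit;
            break;

        case 2: // edit/new form
        case 'create':
        case 'edit':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }

            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('webuser', $item->id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }

                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->username, json_encode($_REQUEST));
                }
            } else {
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'load', $item->username);
                }
            }

            $out = webusers_form($item);
            break;

        case 4: // remove
        case 'remove':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $out = webusers_list();
                    users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->username, json_encode($_REQUEST));
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = webusers_form($item);
                }
            }
            break;

        case 90: // json request: timezones by country
            $timezones = property::timezones($_REQUEST['country']);
            if (empty($timezones)) {
                $timezones = property::timezones();
            }
            echo json_encode($timezones);
            core_terminate();
            break;

        case 'export':
            // export web users list to a CSV file
            // NOTE(review): a bulk export of personal data triggered by a plain request;
            // confirm the permission check and that a cross-site GET cannot start it.
            users_log::action($_REQUEST['fid'], 0, 'export', "all", json_encode($_REQUEST));
            webuser::export();
            break;

        case 'webuser_groups_list':
            $out = webuser_groups_list();
            break;

        case 'webuser_groups_json':
            $page = intval($_REQUEST['page']);
            $max = intval($_REQUEST['rows']);
            $offset = ($page - 1) * $max;

            // NOTE(review): sidx/sord are forwarded as received; confirm webuser_group::all()
            // validates them before using them for ordering.
            $rs = webuser_group::all($_REQUEST['sidx'], $_REQUEST['sord']);

            $dataset = array();
            foreach ($rs as $row) {
                $dataset[] = array(
                    'id' => $row->id,
                    'code' => $row->code,
                    'name' => $row->name,
                );
            }

            $total = count($dataset);
            navitable::jqgridJson($dataset, $page, $offset, $max, $total, 'id');
            session_write_close();
            exit;
            break;

        case 'webuser_group_edit':
            $webuser_group = new webuser_group();
            if (!empty($_REQUEST['id'])) {
                $webuser_group->load(intval($_REQUEST['id']));
            }

            if (isset($_REQUEST['form-sent'])) {
                $webuser_group->load_from_post();
                try {
                    $ok = $webuser_group->save();
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                    users_log::action($_REQUEST['fid'], $webuser_group->id, 'save_webuser_group', $webuser_group->name, json_encode($_REQUEST));
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            } else {
                users_log::action($_REQUEST['fid'], $webuser_group->id, 'load_webuser_group', $webuser_group->name, json_encode($_REQUEST));
            }

            $out = webuser_groups_form($webuser_group);
            break;

        case 'webuser_group_delete':
            $webuser_group = new webuser_group();
            if (!empty($_REQUEST['id'])) {
                $webuser_group->load(intval($_REQUEST['id']));
            }

            try {
                // NOTE(review): delete() also runs when no id was given; confirm that
                // deleting an empty group object is a no-op.
                $webuser_group->delete();
                $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                $out = webuser_groups_list();
                users_log::action($_REQUEST['fid'], $webuser_group->id, 'remove_webuser_group', $webuser_group->name, json_encode($_REQUEST));
            } catch (Exception $e) {
                $out = $layout->navigate_message("error", t(24, 'Web users') . ' / ' . t(506, 'Groups'), t(56, 'Unexpected error.'));
            }
            break;

        case 0: // list / search result
        case 'list':
        default:
            $out = webusers_list();
            break;
    }

    return $out;
}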
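/**
 * Structure package dispatcher: routes $_REQUEST['act'] to the matching operation.
 *
 * Actions (numeric aliases in parentheses):
 *  - load / edit (2): structure form; saves first when "form-sent" is present.
 *  - reorder (3): reorders the children of a parent node, prints the result as JSON.
 *  - homepager: stores the given node as the website homepage.
 *  - remove (4): deletes one structure entry.
 *  - 95: looks a path up in nv_paths ("free path checking").
 *  - category_path, json_find_item, search_by_title, copy_from_template_zones,
 *    raw_zone_content: JSON/raw lookups for the editor dialogs.
 *  - votes_reset, votes_by_webuser: vote maintenance and vote grid backend.
 *  - anything else: the structure tree.
 *
 * Hardening applied in this function:
 *  - votes_by_webuser: "sidx"/"sord" form an ORDER BY clause, so the column must be
 *    empty or a plain identifier and the direction empty or asc/desc; an invalid
 *    column yields an empty grid instead of reaching the query.
 *  - votes_by_webuser (oper=del): vote ids are cast to int, and the score update is
 *    skipped when no vote was actually loaded (the original dereferenced an
 *    undefined variable in that case).
 *  - the vote grid starts from an empty result, so "_search" values other than
 *    "false" no longer read undefined variables.
 *
 * NOTE(review): no permission or anti-CSRF check is visible here, yet several actions
 * change data on a plain request ("homepager", "reorder", "remove", "votes_reset").
 * Confirm the caller enforces both.
 * NOTE(review): every query below relies on protect() to quote and escape request
 * values; its implementation is not visible here.
 *
 * @return mixed HTML for the admin layout (handled JSON actions terminate instead)
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    global $theme;

    $out = '';
    $item = new structure();

    switch ($_REQUEST['act']) {
        case 'load':
        case 'edit':
        case 2: // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }

            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('structure', $item->id);
                    $item = $item->reload();

                    // reorder associated category elements
                    if (!empty($_POST['elements-order'])) {
                        $response = item::reorder($_POST['elements-order']);
                        if ($response !== true) {
                            throw new Exception($response);
                        }
                    }

                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }

                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->dictionary[$website->languages_list[0]]['title'], json_encode($_REQUEST));
                }
            } else {
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'load', $item->dictionary[$website->languages_list[0]]['title']);
                }
            }

            $out = structure_form($item);
            break;

        case 3:
        case "reorder":
            $ok = structure::reorder($_REQUEST['parent'], $_REQUEST['children_order']);
            echo json_encode($ok);
            core_terminate();
            break;

        case "homepager":
            // NOTE(review): the node value is stored as received; confirm website::save()
            // validates it (expected to be a structure id of this website).
            $node = $_REQUEST['node'];
            $website->homepage = $node;
            $ok = $website->save();
            echo json_encode($ok);
            core_terminate();
            break;

        case 4:
        case "remove":
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $structure = structure::hierarchy(-1); // root level (0) including Web node (-1)
                    $out = structure_tree($structure);
                    users_log::action($_REQUEST['fid'], $item->id, 'remove');
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = structure_form($item);
                }
            }
            break;

        case 95: // free path checking
            $path = $_REQUEST['path'];
            $DB->query('SELECT type, object_id, lang FROM nv_paths WHERE path = ' . protect($path) . ' AND website = ' . $website->id);
            $rs = $DB->result();
            echo json_encode($rs);
            core_terminate();
            break;

        case "category_path": // return category paths
            echo json_encode(path::loadElementPaths('structure', intval($_REQUEST['id'])));
            core_terminate();
            break;

        case 'json_find_item':
            // find items by its title
            // the items must have its own path (free OR not embedded to a category)
            $page_limit = intval($_REQUEST['page_limit']);
            $DB->query(
                ' SELECT SQL_CALC_FOUND_ROWS nvw.node_id as id, nvw.text as text'
                . ' FROM nv_webdictionary nvw, nv_items nvi'
                . ' WHERE nvw.node_type = "item"'
                . ' AND nvw.node_id = nvi.id'
                . ' AND nvw.subtype = "title"'
                . ' AND ( nvi.association = "free" OR (nvi.association = "category" AND nvi.embedding=0) )'
                . ' AND nvw.lang = ' . protect($_REQUEST['lang'])
                . ' AND nvw.website = ' . $website->id
                . ' AND nvw.website = nvi.website'
                . ' AND nvw.text LIKE ' . protect('%' . $_REQUEST['title'] . '%')
                . ' ORDER BY nvw.text ASC'
                . ' LIMIT ' . $page_limit
                . ' OFFSET ' . max(0, $page_limit * (intval($_REQUEST['page']) - 1)),
                'array'
            );

            $rows = $DB->result();
            $total = $DB->foundRows();

            echo json_encode(array('items' => $rows, 'totalCount' => $total));
            core_terminate();
            break;

        case "search_by_title":
            // json search title request (for "copy from" properties dialog)
            $DB->query(
                ' SELECT node_id as id, text as label, text as value'
                . ' FROM nv_webdictionary'
                . ' WHERE node_type = "structure"'
                . ' AND subtype = "title"'
                . ' AND lang = ' . protect($_REQUEST['lang'])
                . ' AND website = ' . $website->id
                . ' AND text LIKE ' . protect('%' . $_REQUEST['title'] . '%')
                . ' ORDER BY text ASC LIMIT 30',
                'array'
            );
            echo json_encode($DB->result());
            core_terminate();
            break;

        case "copy_from_template_zones":
            // return template properties for a structure id
            $item = new structure();
            $item->load(intval($_REQUEST['id']));

            $template = new template();
            $template->load($item->template);

            $zones = array();
            for ($ps = 0; $ps < count($template->properties); $ps++) {
                $property = $template->properties[$ps];

                // ignore non structure properties
                if (!isset($property->element) || $property->element != 'structure') {
                    continue;
                }

                // ignore non-textual properties
                if (!in_array($property->type, array("text", "textarea", "rich_textarea"))) {
                    continue;
                }

                $title = $property->name;
                if (!empty($theme)) {
                    $title = $theme->t($title);
                }

                $zones[] = array(
                    'type' => 'property',
                    'code' => $property->id,
                    'title' => $title,
                );
            }

            echo json_encode($zones);
            core_terminate();
            break;

        case "raw_zone_content": // return raw item contents
            if ($_REQUEST['zone'] == 'property') {
                $DB->query(
                    'SELECT text FROM nv_webdictionary'
                    . ' WHERE node_type = "property-structure"'
                    . ' AND subtype = ' . protect('property-' . $_REQUEST['section'] . '-' . $_REQUEST['lang'])
                    . ' AND lang = ' . protect($_REQUEST['lang'])
                    . ' AND website = ' . $website->id
                    . ' AND node_id = ' . protect($_REQUEST['node_id']),
                    'array'
                );
                $data = $DB->first();
                // NOTE(review): stored markup is returned unescaped by design ("raw" content);
                // the response is only safe if the consumer treats it as editor content.
                echo $data['text'];
            }
            core_terminate();
            break;

        case 'votes_reset':
            webuser_vote::remove_object_votes('structure', intval($_REQUEST['id']));
            echo 'true';
            core_terminate();
            break;

        case 'votes_by_webuser':
            if (isset($_POST['oper']) && $_POST['oper'] == 'del') {
                $ids = explode(',', isset($_POST['id']) ? (string) $_POST['id'] : '');
                $last_vote = null;

                for ($i = 0; $i < count($ids); $i++) {
                    $vote_id = intval($ids[$i]);
                    if ($vote_id > 0) {
                        $vote = new webuser_vote();
                        $vote->load($vote_id);
                        $vote->delete();
                        $last_vote = $vote;
                    }
                }

                // as before, the score is refreshed for the object of the last processed vote;
                // with no valid id there is nothing to refresh
                if ($last_vote !== null) {
                    webuser_vote::update_object_score('structure', $last_vote->object_id);
                }

                echo 'true';
                core_terminate();
            }

            $max = intval($_GET['rows']);
            $page = intval($_GET['page']);
            $offset = ($page - 1) * $max;

            // ORDER BY cannot be parameterised: accept a single identifier and asc/desc only
            $sort_column = (isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx'])) ? $_REQUEST['sidx'] : '';
            $sort_column_ok = $sort_column === ''
                || preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/D', $sort_column);
            $sort_direction = (isset($_REQUEST['sord']) && is_string($_REQUEST['sord'])) ? $_REQUEST['sord'] : '';
            if ($sort_direction !== '' && !in_array(strtolower($sort_direction), array('asc', 'desc'), true)) {
                $sort_direction = 'asc';
            }

            // defaults keep the grid response well-formed when no query is run
            $dataset = array();
            $total = 0;

            if ($_REQUEST['_search'] == 'false' && $sort_column_ok) {
                list($dataset, $total) = webuser_vote::object_votes_by_webuser(
                    'structure',
                    intval($_REQUEST['id']),
                    $sort_column . ' ' . $sort_direction,
                    $offset,
                    $max
                );
            }

            $out = array();
            for ($i = 0; $i < count($dataset); $i++) {
                if (empty($dataset[$i])) {
                    continue;
                }

                // NOTE(review): the username is a visitor-supplied value emitted as stored;
                // escape it here or in the grid if cells are rendered as HTML.
                $out[$i] = array(
                    0 => $dataset[$i]['id'],
                    1 => core_ts2date($dataset[$i]['date'], true),
                    2 => $dataset[$i]['username'],
                );
            }

            navitable::jqgridJson($out, $page, $offset, $max, $total);
            core_terminate();
            break;

        case 0: // tree / search result
        default:
            $structure = structure::hierarchy(-1); // root level (0) including Web node (-1)
            $out = structure_tree($structure);
            break;
    }

    return $out;
}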
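/**
 * Request dispatcher for the "items" backend package.
 *
 * Reads the action from $_REQUEST['act'] and either returns markup for the
 * layout (list, edit form) or echoes a JSON / plain-text answer and ends the
 * request through core_terminate().
 *
 * Review notes (security):
 *  - Every action, including the state-changing ones, is selected from
 *    $_REQUEST, so it can arrive by GET as well as POST. No anti-CSRF token is
 *    checked inside this function; confirm one is enforced before run() is called.
 *  - The jqGrid sort column/direction are now validated before they reach
 *    ORDER BY, the comment id in action 98 is cast to int, and the history
 *    delete in action 89 is scoped to the current website.
 *  - Values read from the database (titles, tags) are still written into HTML
 *    without escaping; see the NOTE(review) comments in the body.
 *
 * @return mixed markup for the layout, or the rows array built by the grid branch
 * @throws Exception when the grid listing query fails
 */
function run()
{
    global $layout;
    global $DB;
    global $website;
    global $theme;
    global $user;

    $out = '';
    $item = new item();

    switch ($_REQUEST['act']) {
        case 'json':
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del':
                    // remove rows
                    // NOTE(review): unlike the edit branch below, nothing here checks
                    // $user->permission() or item ownership before deleting; confirm
                    // the check is enforced elsewhere.
                    $ids = is_array($_REQUEST['ids']) ? $_REQUEST['ids'] : array();
                    foreach ($ids as $id) {
                        $item->load($id);
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;

                default:
                    // list or search
                    // translation of request search & order fields
                    $grid_columns = array(
                        'id' => 'i.id',
                        'title' => 'd.text',
                        'language' => 'd.lang',
                        'category' => 'i.category',
                        'dates' => 'i.date_published',
                        'permission' => 'i.permission',
                    );

                    if (
                        isset($_REQUEST['searchField'])
                        && is_string($_REQUEST['searchField'])
                        && isset($grid_columns[$_REQUEST['searchField']])
                    ) {
                        $_REQUEST['searchField'] = $grid_columns[$_REQUEST['searchField']];
                    }

                    if ($_REQUEST['sidx'] == 'dates') {
                        $_REQUEST['sidx'] = 'i.date_published';
                    }

                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    // a page below 1 would give a negative OFFSET and a failing query
                    $offset = max(0, ($page - 1) * $max);

                    // ORDER BY cannot be bound as a parameter, so the column must be a
                    // plain (optionally table-qualified) identifier and the direction
                    // one of two keywords. Anything else falls back to the item id.
                    // A multi-column sort expression is rejected by this check.
                    $sort_column = is_string($_REQUEST['sidx']) ? $_REQUEST['sidx'] : '';
                    if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?\z/', $sort_column)) {
                        $sort_column = 'i.id';
                    }
                    $sort_direction = 'ASC';
                    if (is_string($_REQUEST['sord']) && strtoupper($_REQUEST['sord']) === 'DESC') {
                        $sort_direction = 'DESC';
                    }
                    $orderby = $sort_column . ' ' . $sort_direction;

                    $where = ' i.website = ' . $website->id;

                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } elseif (isset($_REQUEST['filters'])) {
                            if (is_array($_REQUEST['filters'])) {
                                $filters = json_decode(json_encode($_REQUEST['filters']), false);
                            } else {
                                $filters = json_decode($_REQUEST['filters']);
                            }

                            // a filter that does not decode to {rules: [...]} has nothing to translate
                            if (is_object($filters) && isset($filters->rules) && is_array($filters->rules)) {
                                foreach ($filters->rules as $rule) {
                                    if (
                                        is_object($rule)
                                        && isset($rule->field)
                                        && is_string($rule->field)
                                        && isset($grid_columns[$rule->field])
                                    ) {
                                        $rule->field = $grid_columns[$rule->field];
                                    }
                                }
                            }

                            // NOTE(review): field names not in the map above are passed on
                            // unchanged; whether jqgridsearch() validates them is not
                            // visible here.
                            $where .= navitable::jqgridsearch(json_encode($filters));
                        } else {
                            // single search
                            // NOTE(review): searchField / searchOper come straight from the
                            // request when they are not in the map above; confirm that
                            // jqgridcompare() rejects unknown fields and operators.
                            $where .= ' AND ' . navitable::jqgridcompare(
                                $_REQUEST['searchField'],
                                $_REQUEST['searchOper'],
                                $_REQUEST['searchString']
                            );
                        }
                    }

                    $sql = ' SELECT SQL_CALC_FOUND_ROWS i.*, d.text as title, d.lang as language, u.username as author_username,'
                        . ' ( SELECT COUNT(*) FROM nv_comments cm WHERE cm.item = i.id AND cm.website = ' . $website->id . ' ) as comments'
                        . ' FROM nv_items i'
                        . ' LEFT JOIN nv_webdictionary d ON i.id = d.node_id AND d.node_type = "item" AND d.subtype = "title"'
                        . ' AND d.lang = "' . $website->languages_list[0] . '" AND d.website = ' . $website->id
                        . ' LEFT JOIN nv_users u ON u.id = i.author'
                        . ' WHERE ' . $where
                        . ' GROUP BY i.id, d.text, d.lang, u.username'
                        . ' ORDER BY ' . $orderby
                        . ' LIMIT ' . $max . ' OFFSET ' . $offset;

                    if (!$DB->query($sql, 'array')) {
                        throw new Exception($DB->get_last_error());
                    }

                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    $dataset = grid_notes::summary($dataset, 'item', 'id');

                    $access = array(
                        0 => '<img src="img/icons/silk/page_white_go.png" align="absmiddle" title="' . t(254, 'Everybody') . '" />',
                        1 => '<img src="img/icons/silk/lock.png" align="absmiddle" title="' . t(361, 'Web users only') . '" />',
                        2 => '<img src="img/icons/silk/user_gray.png" align="absmiddle" title="' . t(363, 'Users who have not yet signed up or signed in') . '" />',
                        3 => '<img src="img/icons/silk/group_key.png" align="absmiddle" title="' . t(512, "Selected web user groups") . '" />',
                    );

                    $permissions = array(
                        0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(69, 'Published'),
                        1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(70, 'Private'),
                        2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(81, 'Hidden'),
                    );

                    $hierarchy = structure::hierarchy(0);

                    // we need to format the values and retrieve the needed strings from the dictionary
                    $out = array();
                    $row_count = is_array($dataset) ? count($dataset) : 0;

                    for ($i = 0; $i < $row_count; $i++) {
                        if (empty($dataset[$i])) {
                            continue;
                        }

                        if (empty($dataset[$i]['date_published'])) {
                            $dataset[$i]['date_published'] = '∞';
                        } else {
                            $dataset[$i]['date_published'] = core_ts2date($dataset[$i]['date_published'], false);
                        }

                        if (empty($dataset[$i]['date_unpublish'])) {
                            $dataset[$i]['date_unpublish'] = '∞';
                        } else {
                            $dataset[$i]['date_unpublish'] = core_ts2date($dataset[$i]['date_unpublish'], false);
                        }

                        if (empty($dataset[$i]['date_to_display'])) {
                            $dataset[$i]['date_to_display'] = '';
                        } else {
                            $dataset[$i]['date_to_display'] = core_ts2date($dataset[$i]['date_to_display'], false);
                        }

                        if ($dataset[$i]['category'] > 0) {
                            $category_path = structure::hierarchyPath($hierarchy, $dataset[$i]['category']);
                            if (is_array($category_path)) {
                                $dataset[$i]['category_path'] = implode(' › ', $category_path);
                            } else {
                                $dataset[$i]['category_path'] = $category_path;
                            }
                        }

                        if ($dataset[$i]['association'] == 'free') {
                            $category_text = '[ ' . strtolower(t(100, 'Free')) . ' ]';
                        } else {
                            // category_path is only set above when the item has a category
                            $category_text = isset($dataset[$i]['category_path']) ? $dataset[$i]['category_path'] : '';
                        }

                        $item_views = $dataset[$i]['views'];
                        if ($item_views > 1000) {
                            $item_views = round($item_views / 1000) . "K";
                        }

                        $item_comments = $dataset[$i]['comments'];
                        if ($item_comments > 1000) {
                            $item_comments = round($item_comments / 1000) . "K";
                        }

                        $social_rating = '<img src="img/icons/silk/eye.png" align="absmiddle" width="12px" height="12px" /> '
                            . '<span style="font-size: 90%;">' . $item_views . '</span>';

                        $social_comments = '<img src="img/icons/silk/comments.png" align="absmiddle" width="12px" height="12px" /> '
                            . '<span style="font-size: 90%;">' . $item_comments . '</span>';

                        if (empty($dataset[$i]['title'])) {
                            // if title is empty for the default language,
                            // try to load the title in another language
                            $DB->query(
                                ' SELECT lang, text FROM nv_webdictionary WHERE website = ' . $website->id
                                . ' AND node_type = "item" AND subtype="title" AND node_id = ' . $dataset[$i]['id']
                                . ' AND text != "" ORDER BY id ASC'
                            );
                            $titles = $DB->result();
                            if (!empty($titles)) {
                                $dataset[$i]['title'] = '<img src="img/icons/silk/comment.png" align="absmiddle" />';
                                $dataset[$i]['title'] .= '<small>' . $titles[0]->lang . '</small> ';
                                $dataset[$i]['title'] .= $titles[0]->text;
                            }
                        }

                        // NOTE(review): the stored title (and the category path) are written
                        // into the grid cell as HTML without escaping. If titles are stored
                        // unescaped, a title containing markup renders in the backend of
                        // whoever opens the list; confirm where escaping happens.
                        $out[$i] = array(
                            0 => $dataset[$i]['id'],
                            1 => '<div class="list-row" data-permission="' . $dataset[$i]['permission'] . '">' . $dataset[$i]['title'] . '</div>',
                            2 => $social_rating . ' ' . $social_comments,
                            3 => $category_text,
                            4 => $dataset[$i]['date_to_display'],
                            5 => $dataset[$i]['date_published'] . ' - ' . $dataset[$i]['date_unpublish'],
                            6 => $access[$dataset[$i]['access']] . ' ' . $permissions[$dataset[$i]['permission']],
                            7 => $dataset[$i]['_grid_notes_html'],
                        );
                    }

                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }

            core_terminate();
            break;

        case 'load':
        case 'create':
        case 'edit':
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));

                if ($user->permission("items.edit") == "false" && $item->author != $user->id) {
                    $layout->navigate_notification(t(610, "Sorry, you are not allowed to execute the requested function"), true);
                    $_REQUEST['act'] = 'list';
                    return run();
                }

                // check if the current user can edit this item
                if ($item->association == 'category' && !empty($item->category)) {
                    if (!structure::category_allowed($item->category)) {
                        $layout->navigate_notification(t(610, "Sorry, you are not allowed to execute the requested function"), true);
                        $_REQUEST['act'] = 'list';
                        return run();
                    }
                }
            }

            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('item', $item->id);

                    if (!empty($_REQUEST['items-order'])) {
                        item::reorder($_REQUEST['items-order']);
                    }

                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                    $item->load($item->id);
                    users_log::action(
                        $_REQUEST['fid'],
                        $item->id,
                        'save',
                        $item->dictionary[$website->languages_list[0]]['title'],
                        json_encode($_REQUEST)
                    );
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            } else {
                users_log::action(
                    $_REQUEST['fid'],
                    $item->id,
                    'load',
                    $item->dictionary[$website->languages_list[0]]['title']
                );
            }

            $out = items_form($item);
            break;

        case 'delete':
        case 4:
            // remove
            // NOTE(review): the ownership / category checks of the edit branch are not
            // repeated here; confirm item::delete() or the caller enforces them.
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                // stays false when the item could not be loaded, so the error branch runs
                $deleted = false;

                try {
                    if (!empty($item->id)) {
                        $deleted = $item->delete() > 0;
                        if ($deleted) {
                            $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                            $out = items_list();
                            users_log::action(
                                $_REQUEST['fid'],
                                $item->id,
                                'remove',
                                $item->dictionary[$website->languages_list[0]]['title'],
                                json_encode($_REQUEST)
                            );
                        }
                    }

                    if (!$deleted) {
                        $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                        if (!empty($item->id)) {
                            $out = items_form($item);
                        } else {
                            $out = items_list();
                        }
                    }
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true);
                    if (!empty($item->id)) {
                        $out = items_form($item);
                    }
                }
            }
            break;

        case 'duplicate':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));

                // items embedded in a category take their properties from the structure template
                $uses_structure_template = ($item->association == 'category' && $item->embedding == 1);

                if ($uses_structure_template) {
                    // get structure template
                    $category = new structure();
                    $category->load($item->category);
                    $properties = property::load_properties_associative('structure', $category->template, 'item', $item->id);
                } else {
                    $properties = property::load_properties_associative('item', $item->template, 'item', $item->id);
                }

                // try to duplicate
                $item->id = 0;
                $ok = $item->insert();

                if ($ok) {
                    // duplicate item properties too (but don't duplicate comments)
                    if ($uses_structure_template) {
                        $ok = property::save_properties_from_array('item', $item->id, $category->template, $properties);
                    } else {
                        $ok = property::save_properties_from_array('item', $item->id, $item->template, $properties);
                    }
                }

                if ($ok) {
                    $layout->navigate_notification(t(478, 'Item duplicated successfully.'), false, false, 'fa fa-check');
                    $out = items_form($item);
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $item = new item();
                    $item->load(intval($_REQUEST['id']));
                    $out = items_form($item);
                }

                users_log::action(
                    $_REQUEST['fid'],
                    $item->id,
                    'duplicate',
                    $item->dictionary[$website->languages_list[0]]['title'],
                    json_encode($_REQUEST)
                );
            }
            break;

        case 89:
            if (!empty($_REQUEST['id'])) {
                // scoped to the current website, like every other history query in this
                // function, so an id belonging to another website is not deleted
                $DB->execute(
                    'DELETE FROM nv_webdictionary_history WHERE id = ' . intval($_REQUEST['id'])
                    . ' AND website = ' . $website->id
                    . ' LIMIT 1'
                );
                echo 'true';
            } else {
                echo 'false';
            }
            core_terminate();
            break;

        case 90:
            $DB->query(
                'SELECT id, date_created, autosave FROM nv_webdictionary_history WHERE node_type = "item" AND subtype = '
                . protect('section-' . $_REQUEST['section'])
                . ' AND lang = ' . protect($_GET['lang'])
                . ' AND node_id = ' . protect($_REQUEST['id'])
                . ' AND website = ' . $website->id
                . ' ORDER BY date_created DESC',
                'array'
            );
            $result = $DB->result();
            if (!is_array($result)) {
                $result = array();
            }

            for ($i = 0; $i < count($result); $i++) {
                $result[$i]['date'] = core_ts2date($result[$i]['date_created'], true);
                if ($result[$i]['autosave'] == 1) {
                    $result[$i]['date'] .= ' (' . t(273, 'Autosave') . ')';
                }
            }

            echo json_encode($result);
            core_terminate();
            break;

        case "search_by_title":
        case 91:
            // json search title request (for "copy from" dialog)
            $DB->query(
                ' SELECT node_id as id, text as label, text as value FROM nv_webdictionary'
                . ' WHERE node_type = "item" AND subtype = "title" AND lang = ' . protect($_REQUEST['lang'])
                . ' AND website = ' . $website->id
                . ' AND text LIKE ' . protect('%' . $_REQUEST['title'] . '%')
                . ' ORDER BY text ASC LIMIT 20',
                'array'
            );
            echo json_encode($DB->result());
            core_terminate();
            break;

        case "raw_zone_content":
            // return raw item contents
            if (empty($_REQUEST['section'])) {
                $_REQUEST['section'] = 'main';
            }

            if ($_REQUEST['history'] == 'true') {
                $DB->query(
                    'SELECT text FROM nv_webdictionary_history WHERE node_type = "item" AND website = ' . $website->id
                    . ' AND id = ' . protect($_REQUEST['id']),
                    'array'
                );
                $data = $DB->first();
                echo $data['text'];
            } elseif ($_REQUEST['zone'] == 'section') {
                $DB->query(
                    'SELECT text FROM nv_webdictionary WHERE node_type = "item" AND subtype = '
                    . protect('section-' . $_REQUEST['section'])
                    . ' AND lang = ' . protect($_REQUEST['lang'])
                    . ' AND website = ' . $website->id
                    . ' AND node_id = ' . protect($_REQUEST['node_id']),
                    'array'
                );
                $data = $DB->first();
                echo $data['text'];
            } elseif ($_REQUEST['zone'] == 'property') {
                $DB->query(
                    'SELECT text FROM nv_webdictionary WHERE node_type = "property-item" AND subtype = '
                    . protect('property-' . $_REQUEST['section'] . '-' . $_REQUEST['lang'])
                    . ' AND lang = ' . protect($_REQUEST['lang'])
                    . ' AND website = ' . $website->id
                    . ' AND node_id = ' . protect($_REQUEST['node_id']),
                    'array'
                );
                $data = $DB->first();
                echo $data['text'];
            }

            core_terminate();
            break;

        case 93:
            // return raw template content
            $DB->query(
                'SELECT file FROM nv_templates WHERE enabled = 1 AND id = ' . protect($_REQUEST['id'])
                . ' AND website = ' . $website->id,
                'array'
            );
            $data = $DB->first();
            // NOTE(review): the file name comes from the nv_templates row and is appended
            // to the private templates folder as-is; confirm that whatever writes that
            // column keeps it inside the folder (no "../" segments, no absolute path).
            echo @file_get_contents(NAVIGATE_PRIVATE . '/' . $website->id . '/templates/' . $data['file']);
            core_terminate();
            break;

        case "copy_from_template_zones":
            // return template sections and (textarea) properties for a content id
            $item = new item();
            $item->load(intval($_REQUEST['id']));
            $template = $item->load_template();

            $zones = array();

            for ($ts = 0; $ts < count($template->sections); $ts++) {
                $title = $template->sections[$ts]['name'];
                if (!empty($theme)) {
                    $title = $theme->t($title);
                }

                if ($title == '#main#') {
                    $title = t(238, 'Main content');
                }

                $zones[] = array(
                    'type' => 'section',
                    'id' => $template->sections[$ts]['id'],
                    'title' => $title,
                );
            }

            for ($ps = 0; $ps < count($template->properties); $ps++) {
                // ignore structure properties
                if (isset($template->properties[$ps]->element) && $template->properties[$ps]->element != 'item') {
                    continue;
                }

                // ignore non-textual properties
                if (!in_array($template->properties[$ps]->type, array("text", "textarea", "rich_textarea"))) {
                    continue;
                }

                $title = $template->properties[$ps]->name;
                if (!empty($theme)) {
                    $title = $theme->t($title);
                }

                $zones[] = array(
                    'type' => 'property',
                    'id' => $template->properties[$ps]->id,
                    'title' => $title,
                );
            }

            echo json_encode($zones);
            core_terminate();
            break;

        case 95:
            // free path checking
            $path = $_REQUEST['path'];
            $DB->query(
                'SELECT type, object_id, lang FROM nv_paths WHERE path = ' . protect($path)
                . ' AND website = ' . $website->id
            );
            $rs = $DB->result();
            echo json_encode($rs);
            core_terminate();
            break;

        case 96:
            // return category paths
            echo json_encode(path::loadElementPaths('structure', intval($_REQUEST['id'])));
            core_terminate();
            break;

        case 'json_find_user':
            // json find user by name request (for "moderator" autocomplete)
            // NOTE(review): the result mode is 'array ' with a trailing space, unlike
            // every other call in this function; kept as found, confirm it is intended.
            $DB->query(
                ' SELECT id, username as text FROM nv_users WHERE username LIKE '
                . protect('%' . $_REQUEST['username'] . '%')
                . ' ORDER BY username ASC LIMIT 30',
                'array '
            );
            $rows = $DB->result();
            $total = $DB->foundRows();
            echo json_encode(array('items' => $rows, 'total_count' => $total));
            core_terminate();
            break;

        case 'json_find_item':
            // find items by its title
            // any language
            // NOTE(review): each of the three filters below replaces the previous one
            // instead of being appended, so only the last one present is applied.
            // Kept as found; confirm whether they were meant to combine.
            $template_filter = '';

            if (!empty($_REQUEST['template'])) {
                $template_filter = ' AND nvi.template = ' . protect($_REQUEST['template']) . ' ';
            }

            if (!empty($_REQUEST['association'])) {
                $template_filter = ' AND nvi.association = ' . protect($_REQUEST['association']) . ' ';
            }

            if (isset($_REQUEST['embedding'])) {
                $template_filter = ' AND nvi.embedding = ' . protect($_REQUEST['embedding']) . ' ';
            }

            $text = $_REQUEST['title'];
            if (!empty($_REQUEST['term'])) {
                // tagit request
                $text = $_REQUEST['term'];
            }

            $DB->query(
                ' SELECT SQL_CALC_FOUND_ROWS DISTINCT nvw.node_id as id, nvw.text as text'
                . ' FROM nv_webdictionary nvw, nv_items nvi'
                . ' WHERE nvw.node_type = "item" AND nvw.node_id = nvi.id ' . $template_filter
                . ' AND nvw.subtype = "title" AND nvw.website = ' . $website->id
                . ' AND nvw.website = nvi.website'
                . ' AND nvw.text LIKE ' . protect('%' . $text . '%')
                . ' GROUP BY nvw.node_id, nvw.text ORDER BY nvw.text ASC'
                . ' LIMIT ' . intval($_REQUEST['page_limit'])
                . ' OFFSET ' . max(0, intval($_REQUEST['page_limit']) * (intval($_REQUEST['page']) - 1)),
                'array'
            );
            $rows = $DB->result();
            $total = $DB->foundRows();

            if ($_REQUEST['association'] == 'free') {
                for ($i = 0; $i < count($rows); $i++) {
                    $rows[$i]['path'] = $DB->query_single(
                        'path',
                        'nv_paths',
                        ' website = ' . protect($website->id)
                        . ' AND type="item" AND object_id="' . $rows[$i]['id']
                        . '" AND lang="' . $website->languages_list[0] . '" '
                    );
                    if (empty($rows[$i]['path'])) {
                        $rows[$i]['path'] = '/node/' . $rows[$i]['id'];
                    }
                }
            }

            if (empty($_REQUEST['format']) || $_REQUEST['format'] == 'select2') {
                echo json_encode(array('items' => $rows, 'totalCount' => $total));
            } elseif ($_REQUEST['format'] == 'tagit') {
                // Build the entries as arrays and let json_encode() do the quoting.
                // Gluing the title into a JSON string by hand produced invalid JSON
                // (decoded to null) for any title containing a quote or backslash.
                $tags_json = array();
                foreach ($rows as $row) {
                    $tags_json[] = array(
                        'id' => (string) $row['id'],
                        'label' => (string) $row['text'],
                        'value' => (string) $row['text'],
                    );
                }
                echo json_encode($tags_json);
            }

            core_terminate();
            break;

        case 98:
            // change comment status
            if (empty($_REQUEST['id'])) {
                echo "false";
                core_terminate();
            }

            // The id used to be concatenated into the statement exactly as received.
            // Comment ids are compared as numbers, so force an integer before use.
            $comment_id = intval($_REQUEST['id']);

            switch ($_REQUEST['opt']) {
                case 'publish':
                    $DB->execute(
                        ' UPDATE nv_comments SET status = 0 WHERE website = ' . $website->id
                        . ' AND id = ' . $comment_id
                    );
                    break;

                case 'unpublish':
                    $DB->execute(
                        ' UPDATE nv_comments SET status = 1 WHERE website = ' . $website->id
                        . ' AND id = ' . $comment_id
                    );
                    break;

                case 'delete':
                    $DB->execute(
                        ' DELETE FROM nv_comments WHERE website = ' . $website->id
                        . ' AND id = ' . $comment_id
                    );
                    break;
            }

            $error = $DB->get_last_error();
            if (empty($error)) {
                echo 'true';
            } else {
                echo 'false';
            }

            core_terminate();
            break;

        case 'autosave':
            if (!empty($_REQUEST['id'])) {
                // collect every "section-…" field; the last two characters of the key
                // are taken as the language and the three before the end are dropped
                $iDictionary = array();
                foreach ($_REQUEST as $key => $value) {
                    if (strpos($key, 'section-') === 0) {
                        $lang = substr($key, -2, 2);
                        $kname = substr($key, 0, strlen($key) - 3);
                        $iDictionary[$lang][$kname] = $value;
                    }
                }

                $changed = webdictionary_history::save_element_strings('item', intval($_REQUEST['id']), $iDictionary, true);
                if ($changed) {
                    echo 'changes_saved';
                } else {
                    echo 'no_changes';
                }
                core_terminate();
            }

            echo 'false';
            core_terminate();
            break;

        case 'votes_reset':
            webuser_vote::remove_object_votes('item', intval($_REQUEST['id']));
            echo 'true';
            core_terminate();
            break;

        case 'votes_by_webuser':
            if ($_POST['oper'] == 'del') {
                $ids = explode(',', $_POST['id']);
                $vote = null;

                for ($i = 0; $i < count($ids); $i++) {
                    if ($ids[$i] > 0) {
                        $vote = new webuser_vote();
                        $vote->load(intval($ids[$i]));
                        $vote->delete();
                    }
                }

                // only recompute the score when at least one vote was actually loaded;
                // before, an id list without positive ids read a property of an
                // undefined variable
                if ($vote !== null) {
                    webuser_vote::update_object_score('item', $vote->object_id);
                }

                echo 'true';
                core_terminate();
            }

            $max = intval($_GET['rows']);
            $page = intval($_GET['page']);
            $offset = ($page - 1) * $max;

            // defaults for a request that asks for a search, which this branch does not serve
            $dataset = array();
            $total = 0;

            if ($_REQUEST['_search'] == 'false') {
                // NOTE(review): the sort column and direction are passed on exactly as
                // received; confirm object_votes_by_webuser() validates them before
                // building its ORDER BY.
                list($dataset, $total) = webuser_vote::object_votes_by_webuser(
                    'item',
                    intval($_REQUEST['id']),
                    $_REQUEST['sidx'] . ' ' . $_REQUEST['sord'],
                    $offset,
                    $max
                );
            }

            $out = array();
            $row_count = is_array($dataset) ? count($dataset) : 0;

            for ($i = 0; $i < $row_count; $i++) {
                if (empty($dataset[$i])) {
                    continue;
                }

                $out[$i] = array(
                    0 => $dataset[$i]['id'],
                    1 => core_ts2date($dataset[$i]['date'], true),
                    2 => $dataset[$i]['username'],
                );
            }

            navitable::jqgridJson($out, $page, $offset, $max, $total);
            core_terminate();
            break;

        case 'items_order':
            if (!empty($_POST['items-order'])) {
                // save new order
                $response = item::reorder($_POST['items-order']);
                if ($response !== true) {
                    echo $response['error'];
                } else {
                    echo 'true';
                }
            } else {
                // show ordered list
                echo items_order($_REQUEST['category']);
            }
            core_terminate();
            break;

        case 'json_tags_search':
            $tags = nvweb_tags_retrieve(null, null, 'top', $_REQUEST['term'], $_REQUEST['lang']);

            // same reasoning as the tagit format above: let json_encode() quote the tag
            $tags_json = array();
            foreach (array_keys($tags) as $tag) {
                $tags_json[] = array(
                    'id' => (string) $tag,
                    'label' => (string) $tag,
                    'value' => (string) $tag,
                );
            }
            echo json_encode($tags_json);
            core_terminate();
            break;

        case 'json_tags_ranking':
            $tags = nvweb_tags_retrieve(100, null, 'top', null, $_REQUEST['lang']);
            $tags = array_keys($tags);
            echo json_encode($tags);
            core_terminate();
            break;

        case 'list':
        case 0:
            // list / search result
        default:
            $out = items_list();
            break;
    }

    return $out;
}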
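/**
 * Request dispatcher for the "websites" backend package.
 *
 * Reads the action from $_REQUEST['act'] and either returns markup for the
 * layout (list, edit form) or echoes a JSON / plain-text answer and ends the
 * request.
 *
 * Review notes (security):
 *  - The jqGrid sort column/direction are validated before they reach ORDER BY.
 *  - The request copy handed to users_log::action() no longer contains the
 *    'password' and 'mail_password' fields, so the re-authentication password
 *    of 'remove_content' is not stored in the log.
 *  - 'replace_urls', 'email_test' and action 5 run without a
 *    $user->permission() check in this function, while 'del', 'edit',
 *    'remove' and 'reset_statistics' have one; see the NOTE(review) comments.
 *  - Every action is selected from $_REQUEST and no anti-CSRF token is checked
 *    here; confirm one is enforced before run() is called.
 *
 * @return mixed markup for the layout, or the rows array built by the grid branch
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;

    $out = '';
    $item = new website();

    // request copy for the audit log, without credential fields
    $loggable_request = $_REQUEST;
    unset($loggable_request['password'], $loggable_request['mail_password']);

    switch ($_REQUEST['act']) {
        case 'json':
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'search_links':
                    // active website only!
                    $text = $_REQUEST['text'];
                    $lang = $_REQUEST['lang'];
                    if (empty($lang)) {
                        $lang = array_keys($website->languages)[0];
                    }

                    $DB->query(
                        ' SELECT p.path, d.text FROM nv_paths p, nv_webdictionary d'
                        . ' WHERE p.website = ' . protect($website->id)
                        . ' AND p.lang = ' . protect($lang)
                        . ' AND d.website = p.website AND d.node_type = p.type AND d.node_id = p.object_id'
                        . ' AND d.lang = p.lang AND d.subtype = "title"'
                        . ' AND ( p.path LIKE ' . protect('%' . $text . '%')
                        . ' OR d.text LIKE ' . protect('%' . $text . '%') . ' )'
                        . ' ORDER BY d.id DESC LIMIT 10 '
                    );
                    $result = $DB->result();
                    echo json_encode($result);
                    core_terminate();
                    break;

                case 'del':
                    // remove rows
                    if ($user->permission('websites.delete') == 'true') {
                        $ids = is_array($_REQUEST['ids']) ? $_REQUEST['ids'] : array();
                        foreach ($ids as $id) {
                            $item->load($id);
                            $item->delete();
                        }
                        echo json_encode(true);
                    }
                    core_terminate();
                    break;

                default:
                    // list or search
                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    $offset = ($page - 1) * $max;

                    // ORDER BY cannot be bound as a parameter, so the column must be a
                    // plain (optionally table-qualified) identifier and the direction
                    // one of two keywords. Anything else falls back to the id column.
                    // A multi-column sort expression is rejected by this check.
                    $sort_column = is_string($_REQUEST['sidx']) ? $_REQUEST['sidx'] : '';
                    if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?\z/', $sort_column)) {
                        $sort_column = 'id';
                    }
                    $sort_direction = 'ASC';
                    if (is_string($_REQUEST['sord']) && strtoupper($_REQUEST['sord']) === 'DESC') {
                        $sort_direction = 'DESC';
                    }
                    $orderby = $sort_column . ' ' . $sort_direction;

                    $where = " 1=1 ";

                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } elseif (isset($_REQUEST['filters'])) {
                            // NOTE(review): the filter document is passed on exactly as
                            // received; whether jqgridsearch() validates field names and
                            // operators is not visible here.
                            $where .= navitable::jqgridsearch($_REQUEST['filters']);
                        } else {
                            // single search
                            // NOTE(review): same question for jqgridcompare() and the
                            // request-supplied searchField / searchOper.
                            $where .= ' AND ' . navitable::jqgridcompare(
                                $_REQUEST['searchField'],
                                $_REQUEST['searchOper'],
                                $_REQUEST['searchString']
                            );
                        }
                    }

                    $DB->queryLimit(
                        'id,name,subdomain,domain,folder,homepage,permission,favicon',
                        'nv_websites',
                        $where,
                        $orderby,
                        $offset,
                        $max
                    );
                    $dataset = $DB->result();
                    $total = $DB->foundRows();

                    $out = array();

                    $permissions = array(
                        0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(69, 'Published'),
                        1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(70, 'Private'),
                        2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(81, 'Hidden'),
                    );

                    $row_count = is_array($dataset) ? count($dataset) : 0;

                    for ($i = 0; $i < $row_count; $i++) {
                        $homepage = 'http://';
                        $homepage_relative_url = $dataset[$i]['homepage'];
                        if (is_numeric($homepage_relative_url)) {
                            // a numeric homepage is a structure id; take its first path
                            $homepage_relative_url = path::loadElementPaths('structure', $homepage_relative_url);
                            $homepage_relative_url = array_shift($homepage_relative_url);
                        }

                        if (!empty($dataset[$i]['subdomain'])) {
                            $homepage .= $dataset[$i]['subdomain'] . '.';
                        }
                        $homepage .= $dataset[$i]['domain'] . $dataset[$i]['folder'] . $homepage_relative_url;

                        $favicon = '';
                        if (!empty($dataset[$i]['favicon'])) {
                            $favicon = '<img src="' . NVWEB_OBJECT . '?type=img&id=' . $dataset[$i]['favicon']
                                . '&width=16&height=16" align="absmiddle" height="16" />';
                        }

                        // NOTE(review): name, domain, folder and homepage are stored values
                        // written into the grid cell (and into an href) without escaping;
                        // confirm where they are escaped before they reach the browser.
                        $out[$i] = array(
                            0 => $dataset[$i]['id'],
                            1 => $favicon,
                            2 => $dataset[$i]['name'],
                            3 => '<a href="' . $homepage . '" target="_blank"><img align="absmiddle" src="'
                                . NAVIGATE_URL . '/img/icons/silk/house_link.png"></a> ' . $homepage,
                            4 => $permissions[$dataset[$i]['permission']],
                        );
                    }

                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }

            session_write_close();
            exit;
            break;

        case 'edit':
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }

            if (isset($_REQUEST['form-sent']) && $user->permission('websites.edit') == 'true') {
                $item->load_from_post();
                try {
                    $item->save();
                    // reload from the database so the form shows what was stored
                    $id = $item->id;
                    unset($item);
                    $item = new website();
                    $item->load($id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }

                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->name, json_encode($loggable_request));
                }
            } else {
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'load', $item->name);
                }
            }

            $out = websites_form($item);
            break;

        case 'remove':
        case 4:
            if (!empty($_REQUEST['id']) && $user->permission('websites.delete') == 'true') {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);

                    if (!empty($item->id)) {
                        users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->name, json_encode($loggable_request));
                    }

                    // if we don't have any websites, tell user a new one will be created
                    $test = $DB->query_single('id', 'nv_websites');
                    if (empty($test) || !$test) {
                        $layout->navigate_notification(t(520, 'No website found; a default one has been created.'), false, true);
                        $nwebsite = new website();
                        $nwebsite->create_default();
                    }

                    $out = websites_list();
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = websites_form($item);
                }
            }
            break;

        case 5:
            // search an existing path
            // NOTE(review): the website id is taken from the request ('wid'), so paths of
            // any website can be listed; confirm that is intended for every backend user.
            $DB->query(
                'SELECT path as id, path as label, path as value FROM nv_paths WHERE path LIKE '
                . protect('%' . $_REQUEST['term'] . '%')
                . ' AND website = ' . protect($_REQUEST['wid'])
                . ' ORDER BY path ASC LIMIT 30',
                'array'
            );
            echo json_encode($DB->result());
            core_terminate();
            break;

        case 'email_test':
            // NOTE(review): no $user->permission() check in this branch. The mail server,
            // port and recipient all come from the request, so any caller who reaches
            // this action decides where the backend connects and who receives the
            // message; consider requiring the same permission as the edit form.
            $website->mail_mailer = $_REQUEST['mail_mailer'];
            $website->mail_server = $_REQUEST['mail_server'];
            $website->mail_port = $_REQUEST['mail_port'];
            $website->mail_address = $_REQUEST['mail_address'];
            $website->mail_user = $_REQUEST['mail_user'];
            $website->mail_security = ($_REQUEST['mail_security'] == "true" || $_REQUEST['mail_security'] == "1") ? "1" : "0";

            // an empty password keeps the one already loaded for the current website
            if (!empty($_REQUEST['mail_password'])) {
                $website->mail_password = $_REQUEST['mail_password'];
            }

            $ok = navigate_send_email(APP_NAME, APP_NAME . '<br /><br />' . NAVIGATE_URL, $_REQUEST['send_to']);
            echo json_encode($ok);
            core_terminate();
            break;

        case 'reset_statistics':
            if ($user->permission('websites.edit') == 'true') {
                $website_id = intval(trim($_REQUEST['website']));

                $DB->execute('UPDATE nv_items SET views = 0 WHERE website = ' . $website_id);
                $DB->execute('UPDATE nv_paths SET views = 0 WHERE website = ' . $website_id);
                $DB->execute('UPDATE nv_structure SET views = 0 WHERE website = ' . $website_id);

                echo 'true';
                users_log::action($_REQUEST['fid'], $website_id, 'reset_statistics', "", json_encode($loggable_request));
            }
            core_terminate();
            break;

        case 'replace_urls':
            // NOTE(review): rewrites stored content of the website named in the request
            // without a $user->permission() check, unlike 'reset_statistics' above;
            // consider requiring 'websites.edit' here as well.
            $old = trim($_REQUEST['old']);
            $new = trim($_REQUEST['new']);
            $website_id = trim($_REQUEST['website']);

            if (!empty($old) && !empty($new)) {
                // replace occurrences in nv_webdictionary
                $ok_dictionary = $DB->execute(
                    ' UPDATE nv_webdictionary SET text = replace(text, :old, :new) WHERE website = :wid',
                    array(':old' => $old, ':new' => $new, ':wid' => $website_id)
                );

                // replace occurrences in nv_blocks (triggers & actions)
                $ok_blocks = $DB->execute(
                    ' UPDATE nv_blocks SET `trigger` = replace(`trigger`, :old, :new), `action` = replace(`action`, :old, :new) WHERE website = :wid',
                    array(':old' => $old, ':new' => $new, ':wid' => $website_id)
                );

                // report success only when both statements succeeded; before, a failure
                // of the first update was hidden by the result of the second
                $ok = $ok_dictionary && $ok_blocks;

                echo $ok ? 'true' : 'false';

                if ($ok) {
                    users_log::action($_REQUEST['fid'], $website_id, 'replace_urls', "", json_encode($loggable_request));
                }
            } else {
                echo 'false';
            }
            core_terminate();
            break;

        case 'remove_content':
            $website_id = intval(trim($_REQUEST['website']));
            $password = trim($_REQUEST['password']);

            // the caller must re-enter the password of the logged-in account
            // NOTE(review): re-authentication is the only gate here; there is no
            // $user->permission() check and the target website comes from the request.
            $authenticated = $user->authenticate($user->username, $password);

            if ($authenticated) {
                // remove all content except Webusers and Files
                @set_time_limit(0);

                // tables cleared, in the original order; sent as one multi-statement string
                $tables = array(
                    'nv_blocks',
                    'nv_block_groups',
                    'nv_comments',
                    'nv_structure',
                    'nv_feeds',
                    'nv_items',
                    'nv_notes',
                    'nv_paths',
                    'nv_properties',
                    'nv_properties_items',
                    'nv_search_log',
                    'nv_webdictionary',
                    'nv_webdictionary_history',
                );

                $sql = '';
                foreach ($tables as $table) {
                    $sql .= ' DELETE FROM ' . $table . ' WHERE website = ' . $website_id . ';';
                }

                $ok = $DB->execute($sql . ' ');

                if ($ok) {
                    // the logged request copy has the password removed (see top of function)
                    users_log::action($_REQUEST['fid'], $website_id, 'remove_content', "", json_encode($loggable_request));
                }

                echo $ok ? 'true' : $DB->error();
            } else {
                echo '';
            }
            core_terminate();
            break;

        case 0:
            // list / search result
        default:
            $out = websites_list();
            break;
    }

    return $out;
}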
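/**
 * Request dispatcher for the "feeds" backend package.
 *
 * Reads the action from $_REQUEST['act'] and either returns markup for the
 * layout (list, edit form) or echoes JSON and ends the request through
 * core_terminate().
 *
 * Review notes (security):
 *  - The jqGrid sort column/direction are validated before they reach ORDER BY.
 *  - No branch of this function calls $user->permission(); delete and save are
 *    available to whoever can reach the package. Confirm access is checked
 *    before run() is called.
 *  - Actions are selected from $_REQUEST and no anti-CSRF token is checked here.
 *
 * @return mixed markup for the layout, or the rows array built by the grid branch
 * @throws Exception when the grid listing query fails
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;

    $out = '';
    $item = new feed();

    switch ($_REQUEST['act']) {
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del':
                    // remove rows
                    $ids = is_array($_REQUEST['ids']) ? $_REQUEST['ids'] : array();
                    foreach ($ids as $id) {
                        $item->load($id);
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;

                default:
                    // list or search
                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    // a page below 1 would give a negative OFFSET and a failing query
                    $offset = max(0, ($page - 1) * $max);

                    // ORDER BY cannot be bound as a parameter, so the column must be a
                    // plain (optionally table-qualified) identifier and the direction
                    // one of two keywords. Anything else falls back to the feed id.
                    // A multi-column sort expression is rejected by this check.
                    $sort_column = is_string($_REQUEST['sidx']) ? $_REQUEST['sidx'] : '';
                    if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?\z/', $sort_column)) {
                        $sort_column = 'f.id';
                    }
                    $sort_direction = 'ASC';
                    if (is_string($_REQUEST['sord']) && strtoupper($_REQUEST['sord']) === 'DESC') {
                        $sort_direction = 'DESC';
                    }
                    $orderby = $sort_column . ' ' . $sort_direction;

                    $where = " f.website = " . $website->id;

                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } elseif (isset($_REQUEST['filters'])) {
                            // NOTE(review): the filter document is passed on exactly as
                            // received; whether jqgridsearch() validates field names and
                            // operators is not visible here.
                            $where .= navitable::jqgridsearch($_REQUEST['filters']);
                        } else {
                            // single search
                            // NOTE(review): same question for jqgridcompare() and the
                            // request-supplied searchField / searchOper.
                            $where .= ' AND ' . navitable::jqgridcompare(
                                $_REQUEST['searchField'],
                                $_REQUEST['searchOper'],
                                $_REQUEST['searchString']
                            );
                        }
                    }

                    $sql = ' SELECT SQL_CALC_FOUND_ROWS f.*, d.text as title'
                        . ' FROM nv_feeds f'
                        . ' LEFT JOIN nv_webdictionary d ON f.id = d.node_id AND d.node_type = "feed" AND d.subtype = "title"'
                        . ' AND d.lang = "' . $website->languages_list[0] . '" AND d.website = ' . $website->id
                        . ' WHERE ' . $where
                        . ' ORDER BY ' . $orderby
                        . ' LIMIT ' . $max . ' OFFSET ' . $offset;

                    if (!$DB->query($sql, 'array')) {
                        throw new Exception($DB->get_last_error());
                    }

                    $dataset = $DB->result();
                    $total = $DB->foundRows();

                    $out = array();

                    $permissions = array(
                        0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(69, 'Published'),
                        1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(70, 'Private'),
                        2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(81, 'Hidden'),
                    );

                    $rows = empty($dataset) ? 0 : count($dataset);

                    for ($i = 0; $i < $rows; $i++) {
                        // NOTE(review): the stored title is written into the grid cell
                        // without escaping; confirm where it is escaped before it
                        // reaches the browser.
                        $out[$i] = array(
                            0 => $dataset[$i]['id'],
                            1 => $dataset[$i]['title'],
                            2 => count(explode(',', $dataset[$i]['categories'])),
                            3 => $dataset[$i]['format'],
                            4 => $dataset[$i]['views'],
                            5 => $permissions[$dataset[$i]['permission']],
                            6 => $dataset[$i]['enabled'] == 1
                                ? '<img src="img/icons/silk/accept.png" />'
                                : '<img src="img/icons/silk/cancel.png" />',
                        );
                    }

                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }

            core_terminate();
            break;

        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }

            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    // reload from the database so the form shows what was stored
                    $id = $item->id;
                    unset($item);
                    $item = new feed();
                    $item->load($id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            }

            $out = feeds_form($item);
            break;

        case 4:
            // remove
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                }
                // the list is shown whether or not the delete succeeded
                $out = feeds_list();
            }
            break;

        case "path_check":
            // check if a requested path is not used
            $path = $_REQUEST['path'];
            $DB->query(
                'SELECT type, object_id, lang FROM nv_paths WHERE path = ' . protect($path)
                . ' AND website = ' . $website->id
            );
            $rs = $DB->result();
            echo json_encode($rs);
            core_terminate();
            break;

        case 0:
            // list / search result
        default:
            $out = feeds_list();
            break;
    }

    return $out;
}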
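/**
 * Backups package entry point: dispatches on the 'act' request parameter.
 *
 * Actions handled below:
 *   1            JSON grid backend ('oper' = 'del' removes rows, any other value lists/searches)
 *   2            edit form; saves when 'form-sent' equals 'true'
 *   4            removes one backup
 *   'backup'     answers the client first, then runs $item->backup() on the server
 *   'restore'    not implemented
 *   'download'   streams the backup file as a ZIP attachment
 *   0 / default  backups list
 *
 * Security notes:
 *  - 'sidx'/'sord' are validated before they reach ORDER BY (they cannot be quoted as values).
 *  - The download branch only streams a file when the loaded record names one that exists.
 *    NOTE(review): a backup holds site data; whether load() limits the record to the
 *    current website and whether the user's permission is checked is not visible here.
 *  - Removing, creating and downloading backups are driven by $_REQUEST and no anti-CSRF
 *    token check is visible here. NOTE(review): confirm it happens before run() is called.
 *
 * @return mixed Output of backups_form()/backups_list(), or '' when no branch sets it.
 * @throws Exception When the list query fails (message taken from $DB->get_last_error()).
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;

    $out = '';
    $item = new backup();

    // NOTE: the case order matters, the switch compares loosely and mixes integers with strings.
    switch ($_REQUEST['act']) {
        case 1: // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del': // remove rows
                    $ids = (isset($_REQUEST['ids']) && is_array($_REQUEST['ids'])) ? $_REQUEST['ids'] : array();
                    foreach ($ids as $id) {
                        // same integer cast the single-item branches apply before load()
                        $item->load(intval($id));
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;

                default: // list or search
                    // clamp paging values so LIMIT/OFFSET can never become negative
                    $page = max(1, intval($_REQUEST['page']));
                    $max = max(0, intval($_REQUEST['rows']));
                    $offset = ($page - 1) * $max;

                    // ORDER BY: accept only a plain (optionally table-qualified) identifier and ASC/DESC
                    $sort_field = (isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx'])) ? trim($_REQUEST['sidx']) : '';
                    if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/D', $sort_field) !== 1) {
                        $sort_field = 'i.id';
                    }
                    $sort_dir = 'ASC';
                    if (isset($_REQUEST['sord']) && is_string($_REQUEST['sord']) && strtolower(trim($_REQUEST['sord'])) == 'desc') {
                        $sort_dir = 'DESC';
                    }
                    $orderby = $sort_field . ' ' . $sort_dir;

                    $where = " i.website = " . $website->id;

                    // NOTE(review): these helpers get raw request values and return SQL; confirm they escape them
                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } elseif (isset($_REQUEST['filters'])) {
                            $where .= navitable::jqgridsearch($_REQUEST['filters']);
                        } else {
                            // single search
                            $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                        }
                    }

                    $sql = ' SELECT SQL_CALC_FOUND_ROWS i.*'
                        . ' FROM nv_backups i'
                        . ' WHERE ' . $where
                        . ' ORDER BY ' . $orderby
                        . ' LIMIT ' . $max
                        . ' OFFSET ' . $offset;

                    if (!$DB->query($sql, 'array')) {
                        throw new Exception($DB->get_last_error());
                    }

                    $dataset = $DB->result();
                    $total = $DB->foundRows();

                    $out = array();
                    $rows = empty($dataset) ? 0 : count($dataset);

                    for ($i = 0; $i < $rows; $i++) {
                        $out[$i] = array(
                            0 => $dataset[$i]['id'],
                            1 => core_ts2date($dataset[$i]['date_created'], true),
                            2 => $dataset[$i]['title'],
                            3 => core_bytes($dataset[$i]['size']),
                            4 => backup::status($dataset[$i]['status'])
                        );
                    }

                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }

            core_terminate();
            break;

        case 2: // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }

            if (isset($_REQUEST['form-sent']) && $_REQUEST['form-sent'] == 'true') {
                $item->load_from_post();
                try {
                    // update an existing backup
                    $item->save();
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            }

            $out = backups_form($item);
            break;

        case 4: // remove
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                }
                // fixed: the failure path used to call webdictionary_list(), which belongs to another package
                $out = backups_list();
            }
            break;

        case 'backup':
            if (!empty($_REQUEST['id'])) {
                // trick to generate a underground process ;)
                @set_time_limit(0);
                @ignore_user_abort(true);

                $foo = str_pad('Navigate CMS ', 2048, 'Navigate CMS ');
                header("HTTP/1.1 200 OK");
                header("Content-Length: " . strlen($foo));
                echo $foo;
                header('Connection: close');
                ob_end_flush();
                ob_flush();
                flush();
                session_write_close();

                // now the process is running in the server, the client thinks the http request has finished
                $item->load(intval($_REQUEST['id']));
                $item->backup();
            }
            core_terminate();
            break;

        case 'restore':
            // TO DO: Restore
            break;

        case 'download': // download backup
            $item->load(intval($_REQUEST['id']));

            // only stream when the record really points at a file on disk
            $backup_path = empty($item->file) ? '' : NAVIGATE_PRIVATE . $item->file;
            if ($backup_path == '' || !is_file($backup_path)) {
                header('HTTP/1.1 404 Not Found');
            } else {
                ob_end_flush();
                header('Content-type: application/zip');
                header("Content-Length: " . filesize($backup_path));
                // a double quote inside the name would end the quoted filename parameter early
                header('Content-Disposition: attachment; filename="' . str_replace('"', '', basename($item->file)) . '"');
                readfile($backup_path);
            }
            core_terminate();
            break;

        case 0: // list / search result
        default:
            $out = backups_list();
            break;
    }

    return $out;
}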
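/**
 * Files package entry point: dispatches on the 'act' request parameter.
 *
 * Actions handled below:
 *   1 / 'json'            AJAX operations selected by 'op' (upload, create_folder, edit_folder,
 *                         edit_file, duplicate_file, move, delete, permissions, description,
 *                         focalpoint, video_info); the branch always ends the request
 *   2 / 'edit'            show/edit item properties
 *   10 / 'media_browser'  media browser listing
 *   92 / 'pixlr_exit'     removes cached thumbnails and closes the image editor overlay
 *   0 / default           folder browser or search, and logs the request
 *
 * Changes compared with the previous version:
 *  - video_info: the generated video tag was missing the closing quote of its src attribute.
 *  - focalpoint: 'top' and 'left' must be numeric, because the stored value is echoed back verbatim.
 *  - move: results are combined as booleans instead of with the bitwise operator.
 *  - pixlr_exit: the page is emitted line by line; the disabled script line was dropped
 *    because on a single line its leading comment marker disabled every statement after it.
 *  - the disabled Picnik integration (act 91) was removed; it only existed as commented-out code.
 *
 * Security notes:
 *  - NOTE(review): 'tmp_name', 'name', 'parent', 'folder', 'groups', 'titles' and 'descriptions'
 *    are passed on or stored as received; validation inside the file class is not visible here.
 *  - NOTE(review): several branches call load() with the raw 'id' while others cast it with
 *    intval(); confirm load() is safe for non-numeric input.
 *  - NOTE(review): the default branch writes json_encode($_REQUEST) to the users log; confirm
 *    the request can never carry credentials or tokens that should not be stored.
 *  - State-changing operations are driven by $_REQUEST and no anti-CSRF token check is visible here.
 *
 * @return mixed Output of files_item_properties()/files_browser(), or '' when no branch sets it.
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;

    $out = '';
    $item = new file();

    // NOTE: the case order matters, the switch compares loosely and mixes integers with strings.
    switch ($_REQUEST['act']) {
        case 1: // json retrieval & operations
        case "json":
            if ($_REQUEST['op'] == 'upload') {
                $tmp_name = $_REQUEST['tmp_name'];
                if ($tmp_name == "{{BASE64}}") {
                    $tmp_name = base64_encode($_REQUEST['name']);
                }

                $file = file::register_upload($tmp_name, $_REQUEST['name'], $_REQUEST['parent']);

                if (!empty($file)) {
                    echo json_encode(array('id' => $file->id, 'name' => $file->name));
                } else {
                    echo json_encode(false);
                }
            }

            switch ($_REQUEST['op']) {
                case 'create_folder':
                    file::create_folder($_REQUEST['name'], $_REQUEST['mime'], $_REQUEST['parent']);
                    echo json_encode(true);
                    break;

                case 'edit_folder':
                    $f = new file();
                    $f->load(intval($_REQUEST['id']));
                    $f->name = $_REQUEST['name'];
                    $f->mime = $_REQUEST['mime'];
                    $ok = $f->save();
                    echo json_encode($ok);
                    break;

                case 'edit_file':
                    $f = new file();
                    $f->load(intval($_REQUEST['id']));
                    $f->name = $_REQUEST['name'];
                    $ok = $f->save();
                    echo json_encode($ok);
                    break;

                case 'duplicate_file':
                    $status = false;

                    // insert a copy of the record first, then copy the stored file under the new id
                    $f = new file();
                    $f->load(intval($_REQUEST['id']));
                    $f->id = 0;
                    $f->insert();

                    if (!empty($f->id)) {
                        $done = copy(
                            NAVIGATE_PRIVATE . '/' . $website->id . '/files/' . intval($_REQUEST['id']),
                            NAVIGATE_PRIVATE . '/' . $website->id . '/files/' . $f->id
                        );
                        $status = "true";
                        if (!$done) {
                            // roll the new record back when the file itself could not be copied
                            $f->delete();
                            $status = t(56, "Unexpected error");
                        }
                    }

                    echo $status;
                    break;

                case 'move':
                    if (is_array($_REQUEST['item'])) {
                        $ok = true;
                        for ($i = 0; $i < count($_REQUEST['item']); $i++) {
                            unset($item);
                            $item = new file();
                            $item->load($_REQUEST['item'][$i]);
                            $item->parent = $_REQUEST['folder'];
                            // always run update(), then fold its result into the overall status
                            $updated = $item->update();
                            $ok = ($ok && $updated);
                        }
                        echo json_encode($ok ? true : false);
                    } else {
                        $item->load($_REQUEST['item']);
                        $item->parent = $_REQUEST['folder'];
                        echo json_encode($item->update());
                    }
                    break;

                case 'delete':
                    try {
                        $item->load($_REQUEST['id']);
                        $status = $item->delete();
                        echo json_encode($status);
                    } catch (Exception $e) {
                        echo $e->getMessage();
                    }
                    break;

                case 'permissions':
                    $item->load($_REQUEST['id']);

                    if (!empty($_POST)) {
                        $item->access = intval($_POST['access']);
                        $item->permission = intval($_POST['permission']);
                        $item->enabled = intval($_POST['enabled']);
                        $item->groups = $_POST['groups'];
                        // groups are discarded for access levels below 3
                        if ($item->access < 3) {
                            $item->groups = array();
                        }

                        $status = $item->save();
                        echo json_encode($status);
                    } else {
                        echo json_encode(array(
                            'access' => $item->access,
                            'groups' => $item->groups,
                            'permission' => $item->permission,
                            'enabled' => $item->enabled
                        ));
                    }
                    break;

                case 'description':
                    $item->load($_REQUEST['id']);

                    if (!empty($_POST)) {
                        $item->title = array();
                        $item->description = array();

                        foreach ($website->languages as $language) {
                            $lcode = $language['code'];

                            // stops at the first language without a submitted title
                            if (!isset($_REQUEST['titles'][$lcode])) {
                                break;
                            }

                            $item->title[$lcode] = $_REQUEST['titles'][$lcode];
                            $item->description[$lcode] = $_REQUEST['descriptions'][$lcode];
                        }

                        $status = $item->save();
                        echo json_encode($status);
                    } else {
                        // return file title and description (alt)
                        $data = array('title' => $item->title, 'description' => $item->description);
                        echo json_encode($data);
                    }
                    break;

                case 'focalpoint':
                    $item->load($_REQUEST['id']);

                    if (!empty($_POST)) {
                        $fp_top = isset($_REQUEST['top']) ? $_REQUEST['top'] : '';
                        $fp_left = isset($_REQUEST['left']) ? $_REQUEST['left'] : '';

                        // the stored value is echoed back as-is by the read branch, so accept numbers only
                        if (!is_numeric($fp_top) || !is_numeric($fp_left)) {
                            echo json_encode(false);
                            break;
                        }

                        $item->focalpoint = $fp_top . '#' . $fp_left;
                        $status = $item->save();

                        // remove cached thumbnails
                        file::thumbnails_remove($item->id);

                        echo json_encode($status);
                    } else {
                        if (empty($item->focalpoint)) {
                            $item->focalpoint = '50#50';
                            $item->save();

                            // remove cached thumbnails
                            file::thumbnails_remove($item->id);
                        }
                        echo $item->focalpoint;
                    }
                    break;

                case 'video_info':
                    if ($_REQUEST['provider'] == 'youtube') {
                        $item->load_from_youtube($_REQUEST['reference'], false); // force cache reload
                    } elseif ($_REQUEST['provider'] == 'vimeo') {
                        $item->load_from_vimeo($_REQUEST['reference'], false); // force cache reload
                    } else {
                        if (!empty($_REQUEST['reference']) && is_numeric($_REQUEST['reference'])) {
                            $item->load($_REQUEST['reference']);
                        } elseif (is_numeric($_REQUEST['provider'])) {
                            $item->load($_REQUEST['provider']);
                        } else {
                            unset($item);
                        }

                        if (!empty($item)) {
                            // add some extra data
                            $item->extra = array(
                                'reference' => $item->id,
                                'link' => '',
                                'thumbnail' => 'img/icons/ricebowl/mimetypes/video.png',
                                'thumbnail_big' => 'img/icons/ricebowl/mimetypes/video.png',
                                'thumbnail_url' => 'img/icons/ricebowl/mimetypes/video.png',
                                'duration' => '',
                                // fixed: the src attribute is now closed before the tag ends
                                'embed_code' => '<video src="' . file::file_url($item->id, 'inline') . '"></video>'
                            );
                        }
                    }

                    if (!empty($item)) {
                        echo json_encode($item);
                    } else {
                        echo false;
                    }
                    break;
            }

            session_write_close();
            $DB->disconnect();
            exit;
            break;

        case 2: // show/edit item properties
        case "edit":
            $item->load($_REQUEST['id']);

            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    // reload from the database so the form shows what was actually stored
                    unset($item);
                    $item = new file();
                    $item->load($_REQUEST['id']);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            }

            $out = files_item_properties($item);
            break;

        case 10:
        case 'media_browser':
            files_media_browser($_GET['limit'], $_GET['offset']);
            break;

        case 92: // pixlr (image editor) overlay remover
        case 'pixlr_exit':
            ob_clean();

            file::thumbnails_remove(intval($_GET['id']));

            // the script text is fixed, no request data is placed inside it
            echo '
                <html>
                <head></head>
                <body>
                <script language="javascript" type="text/javascript">
                    window.parent.eval(\'$("#image-preview").attr("src", $("#image-preview").attr("src") + "&refresh=" + new Date().getTime());\');
                    window.parent.eval("pixlr.overlay.hide();");
                </script>
                </body>
                </html>
            ';

            core_terminate();
            break;

        case 0: // list / search result
        default:
            // show requested folder or search
            $out = files_browser($_REQUEST['parent'], $_REQUEST['navigate-quicksearch']);
            users_log::action($_REQUEST['fid'], intval($_REQUEST['parent']), 'list', '', json_encode($_REQUEST));
            break;
    }

    return $out;
}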
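/**
 * Comments package entry point: dispatches on the 'act' request parameter.
 *
 * Actions handled below:
 *   'json' / 1            JSON grid backend ('oper' = 'del' removes rows, any other value lists/searches)
 *   2 / 'edit'            edit/new form; saves when 'form-sent' is present
 *   4 / 'remove'          removes one comment
 *   'remove_spam'         removes the comments flagged as spam
 *   'json_find_webuser'   autocomplete: web users by name
 *   'json_find_comment'   autocomplete: comments of an item by text
 *   91                    autocomplete: item titles
 *   0 / default           comments list
 *
 * Changes compared with the previous version:
 *  - json_find_comment: 'node_id', 'maxdate' and 'exclude' were concatenated into the SQL
 *    text unquoted; they are now cast to integers first.
 *  - 'sidx'/'sord' are validated before they are handed to queryLimit() as the sort order.
 *  - Comment author data (name, username, e-mail, message) comes from site visitors and is
 *    now HTML-escaped before it is placed in the markup returned to the administration UI.
 *  - The web user lookup is skipped for anonymous comments (it used to build "id = " with nothing after it).
 *
 * Security notes:
 *  - NOTE(review): quicksearch(), navitable::jqgridsearch() and navitable::jqgridcompare()
 *    receive raw request values and return SQL fragments; their escaping is not visible here.
 *  - NOTE(review): removing comments (including 'remove_spam') is driven by $_REQUEST and no
 *    anti-CSRF token check is visible here; confirm it happens before run() is called.
 *  - NOTE(review): json_encode($_REQUEST) is written to the users log on save/remove.
 *
 * @return mixed Output of comments_form()/comments_list(), or '' when no branch sets it.
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;

    $out = '';
    $item = new comment();

    // NOTE: the case order matters, the switch compares loosely and mixes integers with strings.
    switch ($_REQUEST['act']) {
        case 'json':
        case 1: // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del': // remove rows
                    $ids = (isset($_REQUEST['ids']) && is_array($_REQUEST['ids'])) ? $_REQUEST['ids'] : array();
                    foreach ($ids as $id) {
                        // same integer cast the single-item branches apply before load()
                        $item->load(intval($id));
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;

                default: // list or search
                    // clamp paging values so the offset and limit can never become negative
                    $page = max(1, intval($_REQUEST['page']));
                    $max = max(0, intval($_REQUEST['rows']));
                    $offset = ($page - 1) * $max;

                    // sort order: accept only a plain (optionally table-qualified) identifier and ASC/DESC
                    $sort_field = (isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx'])) ? trim($_REQUEST['sidx']) : '';
                    if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/D', $sort_field) !== 1) {
                        $sort_field = 'id';
                    }
                    $sort_dir = 'ASC';
                    if (isset($_REQUEST['sord']) && is_string($_REQUEST['sord']) && strtolower(trim($_REQUEST['sord'])) == 'desc') {
                        $sort_dir = 'DESC';
                    }
                    $orderby = $sort_field . ' ' . $sort_dir;

                    $where = ' website = ' . $website->id;

                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } elseif (isset($_REQUEST['filters'])) {
                            $where .= navitable::jqgridsearch($_REQUEST['filters']);
                        } else {
                            // single search
                            $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                        }
                    }

                    $DB->queryLimit('id,item,user,email,date_created,status,message', 'nv_comments', $where, $orderby, $offset, $max);

                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    if (!is_array($dataset)) {
                        $dataset = array();
                    }

                    $out = array();

                    $permissions = array(
                        -1 => '<img src="img/icons/silk/new.png" align="absmiddle" /> ' . t(257, 'To review'),
                        0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(64, 'Published'),
                        1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(251, 'Private'),
                        2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(181, 'Hidden'),
                        3 => '<img src="img/icons/silk/error.png" align="absmiddle" /> ' . t(466, 'Spam')
                    );

                    for ($i = 0; $i < count($dataset); $i++) {
                        if (empty($dataset[$i])) {
                            continue;
                        }

                        // author shown in the grid: the web user name, or the e-mail of an anonymous comment
                        if (empty($dataset[$i]['user'])) {
                            $author = $dataset[$i]['email'];
                        } else {
                            $author = $DB->query_single('username', 'nv_webusers', ' id = ' . intval($dataset[$i]['user']));
                        }

                        // retrieve item title
                        $commented_item = new item();
                        $commented_item->load($dataset[$i]['item']);
                        $title = $commented_item->dictionary[$website->languages_list[0]]['title'];

                        $message = core_string_clean($dataset[$i]['message']);
                        $message = core_string_cut($message, 60, '…');

                        $out[$i] = array(
                            0 => $dataset[$i]['id'],
                            1 => $title,
                            2 => core_ts2date($dataset[$i]['date_created'], true),
                            // visitor-supplied text: escaped because the grid cells carry HTML (see the status column)
                            3 => htmlspecialchars((string) $author, ENT_QUOTES, 'UTF-8', false),
                            4 => strip_tags($message),
                            5 => $permissions[$dataset[$i]['status']]
                        );
                    }

                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }

            session_write_close();
            exit;
            break;

        case 2: // edit/new form
        case 'edit':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }

            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('comment', $item->id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }

                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->name, json_encode($_REQUEST));
                }
            } elseif (!empty($item->id)) {
                users_log::action($_REQUEST['fid'], $item->id, 'load', $item->name);
            }

            $out = comments_form($item);
            break;

        case 4: // remove
        case 'remove':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $out = comments_list();

                    if (!empty($item->id)) {
                        users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->name, json_encode($_REQUEST));
                    }
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = comments_form($item);
                }
            }
            break;

        case 'remove_spam':
            $count = comment::remove_spam();
            $layout->navigate_notification(t(524, 'Items removed successfully') . ': <strong>' . $count . '</strong>', false);
            $out = comments_list();
            users_log::action($_REQUEST['fid'], $website->id, 'remove_spam', "", json_encode($_REQUEST));
            break;

        case 'json_find_webuser': // json find webuser by name (for "user" autocomplete)
            $DB->query(
                'SELECT id, username as text'
                . ' FROM nv_webusers'
                . ' WHERE username LIKE ' . protect('%' . $_REQUEST['username'] . '%')
                . ' ORDER BY username ASC'
                . ' LIMIT 30',
                'array'
            );

            $rows = $DB->result();
            $total = $DB->foundRows();
            echo json_encode(array('items' => $rows, 'totalCount' => $total));

            core_terminate();
            break;

        case 'json_find_comment': // json find comment by text search (for "in reply to" autocomplete)
            // numeric filters are cast, the text filter goes through protect()
            $node_id = isset($_REQUEST['node_id']) ? intval($_REQUEST['node_id']) : 0;
            $maxdate = isset($_REQUEST['maxdate']) ? intval($_REQUEST['maxdate']) : 0;
            $exclude = isset($_REQUEST['exclude']) ? intval($_REQUEST['exclude']) : 0;
            $search_like = protect('%' . $_REQUEST['search'] . '%');

            $DB->query(
                'SELECT c.id, c.date_created, c.name, u.username, c.message'
                . ' FROM nv_comments c'
                . ' LEFT JOIN nv_webusers u ON c.user = u.id'
                . ' WHERE c.website = ' . $website->id
                . ' AND c.item = ' . $node_id
                . ' AND c.date_created <= ' . $maxdate
                . ' AND c.id <> ' . $exclude
                . ' AND ( c.name LIKE ' . $search_like
                . ' OR c.message LIKE ' . $search_like
                . ' OR u.username LIKE ' . $search_like
                . ' )'
                . ' ORDER BY c.date_created DESC'
                . ' LIMIT 30',
                'array'
            );

            $rows = $DB->result();
            $total = $DB->foundRows();
            if (!is_array($rows)) {
                $rows = array();
            }

            for ($r = 0; $r < count($rows); $r++) {
                // message, name and username are visitor-supplied: escape them for the attribute and the label
                $rows[$r]['text'] = '<span title="' . htmlspecialchars((string) core_string_cut($rows[$r]['message'], 100), ENT_QUOTES, 'UTF-8', false) . '">'
                    . '<i class="fa fa-user"></i> '
                    . htmlspecialchars((string) $rows[$r]['name'], ENT_QUOTES, 'UTF-8', false)
                    . htmlspecialchars((string) $rows[$r]['username'], ENT_QUOTES, 'UTF-8', false)
                    . ' <i class="fa fa-clock-o"></i> '
                    . core_ts2date($rows[$r]['date_created'], true)
                    . '</span>';
            }

            echo json_encode(array('items' => $rows, 'totalCount' => $total));

            core_terminate();
            break;

        case 91: // json search title request (for "item" autocomplete)
            $DB->query(
                'SELECT DISTINCT node_id as id, text as label, text as value'
                . ' FROM nv_webdictionary'
                . ' WHERE node_type = "item"'
                . ' AND subtype = "title"'
                . ' AND website = ' . $website->id
                . ' AND text LIKE ' . protect('%' . $_REQUEST['title'] . '%')
                . ' ORDER BY text ASC'
                . ' LIMIT 30',
                'array'
            );

            echo json_encode($DB->result());

            session_write_close();
            exit;
            break;

        case 0: // list / search result
        default:
            $out = comments_list();
            break;
    }

    return $out;
}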
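/**
 * Dashboard package entry point: dispatches on the 'act' request parameter.
 *
 * Actions handled below:
 *   'json'          'oper' = 'settings_panels' stores the dashboard panel state of the user,
 *                   'oper' = 'feed' fetches a feed and echoes it as HTML
 *   'recent_items'  echoes the recent items of the users log as JSON
 *   default         builds the dashboard
 *
 * Changes compared with the previous version:
 *  - $out and $feed_html are initialised, both could be read while undefined.
 *  - feed: the requested URL must use http or https; titles, links and ids taken from the
 *    feed are escaped, and a link is only rendered when it is an http(s) URL.
 *  - recent_items: every value placed in the generated anchor is escaped, not only the title attribute.
 *
 * Security notes:
 *  - NOTE(review): the feed URL comes from the request and is fetched by the server. The scheme
 *    check does not stop requests to internal hosts; an allow-list of feed hosts or a block on
 *    private address ranges belongs in feed_parser or here once the valid hosts are known.
 *  - NOTE(review): the 'section-main' body of each feed item is echoed as HTML; whether
 *    item::convert_from_rss() sanitises it is not visible here.
 *
 * @return mixed Output of dashboard_create(), or '' when another branch falls through.
 */
function run()
{
    global $user;

    $out = '';

    switch (@$_REQUEST['act']) {
        case 'json':
            switch ($_REQUEST['oper']) {
                case 'settings_panels': // save dashboard panels state
                    $dashboard_panels = $_REQUEST['dashboard_panels'];
                    $user->setting('dashboard-panels', json_encode($dashboard_panels));
                    echo json_encode(true);
                    core_terminate();
                    break;

                case 'feed':
                    $feed_html = '';

                    $feed_url = (isset($_REQUEST['url']) && is_string($_REQUEST['url'])) ? trim($_REQUEST['url']) : '';

                    // only web feeds: rejects local files, stream wrappers and other schemes
                    if (preg_match('#^https?://#i', $feed_url) === 1) {
                        $feed = new feed_parser();
                        $feed->set_cache(4 * 3600); // once update each 4 hours
                        $feed->load($feed_url);
                        list($channel, $articles, $count) = $feed->parse(0, $_REQUEST['limit'], 'newest');
                        $items = item::convert_from_rss($articles);
                        $display_language = $_REQUEST['language'];

                        if (!empty($items)) {
                            for ($c = 0; $c < count($items); $c++) {
                                if (empty($items[$c])) {
                                    break;
                                }

                                if (!isset($items[$c]->dictionary[$display_language])) {
                                    // requested language not available, get the first available in the feed
                                    $feed_languages = array_keys($items[$c]->dictionary);
                                    $display_language = $feed_languages[0];
                                }

                                // link and title come from the remote feed: escape them, and keep web links only
                                $link = (string) $items[$c]->paths[$display_language];
                                if (preg_match('#^https?://#i', $link) !== 1) {
                                    $link = '#';
                                }

                                $tmp = array(
                                    '<div class="navigate-panel-body-title ui-corner-all">'
                                        . '<a href="' . htmlspecialchars($link, ENT_QUOTES, 'UTF-8', false) . '" target="_blank">'
                                        . core_ts2date($items[$c]->date_to_display, true) . ' '
                                        . '<strong>' . htmlspecialchars((string) $items[$c]->dictionary[$display_language]['title'], ENT_QUOTES, 'UTF-8', false) . '</strong>'
                                        . '</a>'
                                        . '</div>',
                                    '<div id="navigatecms-feed-item-' . htmlspecialchars((string) $items[$c]->id, ENT_QUOTES, 'UTF-8', false) . '" class="navigate-panel-recent-feed-element">'
                                        . $items[$c]->dictionary[$display_language]['section-main']
                                        . '</div>'
                                );

                                $feed_html .= implode("\n", $tmp);
                            }
                        }
                    }

                    echo $feed_html;
                    core_terminate();
                    break;

                default: // list or search
            }
            break;

        case 'recent_items':
            // NOTE(review): 10 is passed as a second argument of recent_items(), not of value_or_default();
            // it looks like the intended call was value_or_default($_REQUEST['limit'], 10) - confirm against both signatures
            $ri = users_log::recent_items(value_or_default($_REQUEST['limit']), 10);

            if (!is_array($ri)) {
                $ri = array();
            }

            for ($i = 0; $i < count($ri); $i++) {
                $action = $ri[$i];

                $ri[$i]->_url = '?fid=' . $action->function . '&wid=' . $action->website . '&act=load&id=' . $action->item;
                $ri[$i]->_link = '<a href="' . htmlspecialchars($ri[$i]->_url, ENT_QUOTES, 'UTF-8', false)
                    . '" title="' . htmlspecialchars($action->item_title) . ' | ' . htmlspecialchars(t($action->function_title, $action->function_title)) . '">'
                    . '<img src="' . htmlspecialchars((string) $action->function_icon, ENT_QUOTES, 'UTF-8', false) . '" align="absmiddle" /> '
                    . htmlspecialchars((string) core_string_cut($action->item_title, 33), ENT_QUOTES, 'UTF-8', false)
                    . '</a>';
            }

            echo json_encode($ri);
            core_terminate();
            break;

        default:
            $out = dashboard_create();
    }

    return $out;
}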
$zipfile->addFile(file_get_contents(NAVIGATE_PATH . '/web/.htaccess.example'), 'web/.htaccess.example'); $zipfile->addFile('', 'cache/empty.txt'); $zipfile->addFile('', 'updates/empty.txt'); $zipfile->addFile(file_get_contents(NAVIGATE_PATH . '/themes/theme_kit.zip'), 'themes/theme_kit.zip'); $contents = $zipfile->file(); file_put_contents("distribution/package.zip", $contents); unset($zipfile); /* 6/ Repack SQL, logo, setup.php and package.zip as Navigate.zip */ $zipfile = new zipfile(); $zipfile->addFile(file_get_contents('setup.php'), 'setup.php'); $zipfile->addFile(file_get_contents('distribution/navigate.sql'), 'navigate.sql'); $zipfile->addFile(file_get_contents('distribution/package.zip'), 'package.zip'); file_put_contents("navigate-" . $current_version->version . "r" . $current_version->revision . ".zip", $zipfile->file()); /* 7/ Remove temporary files */ rrmdir('distribution'); core_terminate(); function rrmdir($dir) { if (is_dir($dir)) { $objects = scandir($dir); foreach ($objects as $object) { if ($object != "." && $object != "..") { if (filetype($dir . "/" . $object) == "dir") { rrmdir($dir . "/" . $object); } else { unlink($dir . "/" . $object); } } } reset($objects); rmdir($dir);
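/**
 * Extensions package entry point: dispatches on the 'act' request parameter.
 *
 * Actions handled below:
 *   'extension_info'     iframe pointing at the info page of an extension
 *   'disable'/'enable'   toggles an extension
 *   'remove'             deletes an extension
 *   'options'/'dialog'   renders the options form or a dialog of an extension
 *   'process'            calls the nvweb_<extension>_plugin function
 *   'run'                includes plugins/<extension>/run.php and calls <extension>_run()
 *   'install_from_hash'  downloads a ZIP from the URL encoded in 'hash' and unpacks it
 *   'extension_upload'   unpacks an uploaded ZIP
 *   default              grid of installed extensions
 *
 * Changes compared with the previous version:
 *  - The extension code name from the request is validated once (letters, digits, underscore,
 *    hyphen) before it is used in a path, a function name or the iframe URL. It used to be
 *    concatenated as received, so it could contain path separators or markup.
 *  - 'run' calls the entry point with call_user_func() instead of building code for eval().
 *  - 'process' checks that the target function exists before calling it.
 *  - 'install_from_hash' accepts only http/https URLs, validates the 'code' value that names
 *    the temporary file and the target folder, and removes the temporary file afterwards.
 *  - 'extension_upload' validates the folder name with the same pattern (FILTER_SANITIZE_EMAIL
 *    let characters such as quotes through) and no longer accepts an empty name, which made
 *    the archive unpack into the plugins folder itself.
 *  - The disabled 'favorite' action was removed; it only existed as commented-out code.
 *
 * Security notes:
 *  - NOTE(review): 'process' has no permission check while 'run' honours "extensions.allowed";
 *    confirm whether 'process' should apply the same restriction.
 *  - NOTE(review): 'install_from_hash' unpacks executable code fetched from a URL taken from a
 *    GET parameter. Nothing here checks the host or the integrity of the archive; a host
 *    allow-list for the marketplace and a signature or checksum check are the missing controls.
 *  - NOTE(review): state-changing actions are driven by $_REQUEST/$_GET and no anti-CSRF token
 *    check is visible here; confirm it happens before run() is called.
 *  - NOTE(review): 'dialog' forwards the 'function' request value and the whole request to
 *    extensions_dialog(); how that helper uses them is not visible here.
 *
 * @return mixed Output of extensions_grid(), the result of <extension>_run(), or a message.
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;

    $out = '';
    $item = new extension();

    // extension names become folder names and parts of function names, so only plain names are valid
    $codename_pattern = '/^[A-Za-z0-9_\-]+$/D';

    $extension_code = '';
    if (isset($_REQUEST['extension']) && is_string($_REQUEST['extension'])) {
        $extension_code = trim($_REQUEST['extension']);
    }

    $acts_using_extension = array('extension_info', 'disable', 'enable', 'remove', 'options', 'dialog', 'process', 'run');
    $requested_act = isset($_REQUEST['act']) ? $_REQUEST['act'] : '';

    if (in_array($requested_act, $acts_using_extension, true) && preg_match($codename_pattern, $extension_code) !== 1) {
        // refuse the action and show the regular grid instead
        $layout->navigate_notification(t(344, 'Security error'), true, true);
        $list = extension::list_installed(null, false);
        return extensions_grid($list);
    }

    switch ($_REQUEST['act']) {
        case 'extension_info':
            echo '<iframe src="' . NAVIGATE_URL . '/plugins/' . $extension_code . '/' . $extension_code . '.info.html' . '" scrolling="auto" frameborder="0" width="100%" height="100%"></iframe>';
            core_terminate();
            break;

        case 'disable':
            $extension = new extension();
            $extension->load($extension_code);
            $extension->enabled = 0;
            $ok = $extension->save();
            echo json_encode($ok);
            core_terminate();
            break;

        case 'enable':
            $extension = new extension();
            $extension->load($extension_code);
            $extension->enabled = 1;
            $ok = $extension->save();
            echo json_encode($ok);
            core_terminate();
            break;

        // TODO: rework favorite extensions as user's favorite (not global)

        case 'remove':
            try {
                $extension = new extension();
                $extension->load($extension_code);
                $status = $extension->delete();
                echo json_encode($status);
            } catch (Exception $e) {
                echo $e->getMessage();
            }
            core_terminate();
            break;

        case 'options':
            $extension = new extension();
            $extension->load($extension_code);

            $status = null;
            if (isset($_REQUEST['form-sent'])) {
                $extension->load_from_post();
                $status = $extension->save();
            }

            $out = extensions_options($extension, $status);
            echo $out;
            core_terminate();
            break;

        case 'dialog':
            $extension = new extension();
            $extension->load($extension_code);
            $out = extensions_dialog($extension, $_REQUEST['function'], $_REQUEST);
            echo $out;
            core_terminate();
            break;

        case 'process':
            $plugin_function = "nvweb_" . $extension_code . "_plugin";
            if (function_exists($plugin_function)) {
                call_user_func($plugin_function, $_REQUEST);
            }
            core_terminate();
            break;

        case 'run':
            $extension = $extension_code;
            $extensions_allowed = $user->permission("extensions.allowed");

            // an empty allow-list means every extension may be run
            if (!empty($extensions_allowed) && !in_array($extension, $extensions_allowed)) {
                $out = t(610, "Sorry, you are not allowed to execute this function.");
            } else {
                $run_file = NAVIGATE_PATH . '/plugins/' . $extension . '/run.php';
                if (file_exists($run_file)) {
                    include_once $run_file;
                    $entry_point = $extension . '_run';
                    if (function_exists($entry_point)) {
                        $out = call_user_func($entry_point);
                    }
                }
            }
            break;

        case 'install_from_hash':
            $url = base64_decode($_GET['hash']);

            if (!empty($url) && $user->permission("extensions.install") == "true") {
                $error = false;

                $query = array();
                $query_string = parse_url($url, PHP_URL_QUERY);
                parse_str(is_string($query_string) ? $query_string : '', $query);

                // 'code' names the temporary file and the target folder, so it must be a plain name
                $package_code = (isset($query['code']) && is_string($query['code'])) ? $query['code'] : '';
                $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));

                if (!in_array($scheme, array('http', 'https'), true) || preg_match($codename_pattern, $package_code) !== 1) {
                    $layout->navigate_notification(t(344, 'Security error'), true, true);
                } else {
                    $tmp_file = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $package_code . '.zip';
                    @core_file_curl($url, $tmp_file);

                    if (@filesize($tmp_file) == 0) {
                        @unlink($tmp_file);
                        // core file curl failed, try using file_get_contents...
                        $tmp = @file_get_contents($url);
                        if (!empty($tmp)) {
                            @file_put_contents($tmp_file, $tmp);
                        }
                        unset($tmp);
                    }

                    if (@filesize($tmp_file) > 0) {
                        // uncompress ZIP and copy it to the extensions dir
                        @mkdir(NAVIGATE_PATH . '/plugins/' . $package_code);

                        $zip = new ZipArchive();
                        $zip_open_status = $zip->open($tmp_file);
                        if ($zip_open_status === TRUE) {
                            $zip->extractTo(NAVIGATE_PATH . '/plugins/' . $package_code);
                            $zip->close();
                            $layout->navigate_notification(t(374, "Item installed successfully."), false);
                        } else {
                            $layout->navigate_notification('ERROR ' . $zip_open_status, true, true);
                            $error = true;
                        }
                    } else {
                        $layout->navigate_notification(t(56, 'Unexpected error'), true, true);
                        $error = true;
                    }

                    // the downloaded archive is not needed once it has been processed
                    @unlink($tmp_file);

                    if ($error) {
                        $layout->add_content(' <div id="navigate_marketplace_install_from_hash_error"> <p>' . t(529, "It has not been possible to download from the marketplace.") . '</p> <p>' . t(530, "You have to visit your Marketplace Dashboard and download the file, then use the <strong>Install from file</strong> button you'll find in the actions bar on the right.") . '</p> <p>' . t(531, "Sorry for the inconvenience.") . '</p> <a class="uibutton" href="http://www.navigatecms.com/en/marketplace/dashboard" target="_blank"><span class="ui-icon ui-icon-extlink" style="float: left;"></span> ' . t(532, "Navigate CMS Marketplace") . '</a> </div> ');
                        $layout->add_script(' $("#navigate_marketplace_install_from_hash_error").dialog({ modal: true, title: "' . t(56, "Unexpected error") . '" }); ');
                    }
                }
            }
            // don't break, we want to show the themes grid right now (theme_upload by browser upload won't trigger)

        case 'extension_upload':
            if (isset($_FILES['extension-upload']) && $_FILES['extension-upload']['error'] == 0 && $user->permission("extensions.install") == "true") {
                // uncompress ZIP and copy it to the extensions dir
                $upload_name = (string) $_FILES['extension-upload']['name'];
                $first_dot = strpos($upload_name, '.');
                $extension_name = trim($first_dot === false ? $upload_name : substr($upload_name, 0, $first_dot));

                // the part before the first dot becomes the folder name: it must be a plain, non-empty name
                if (preg_match($codename_pattern, $extension_name) !== 1) {
                    $layout->navigate_notification(t(344, 'Security error'), true, true);
                } else {
                    @mkdir(NAVIGATE_PATH . '/plugins/' . $extension_name);

                    $zip = new ZipArchive();
                    if ($zip->open($_FILES['extension-upload']['tmp_name']) === TRUE) {
                        $zip->extractTo(NAVIGATE_PATH . '/plugins/' . $extension_name);
                        $zip->close();
                        $layout->navigate_notification(t(374, "Item installed successfully."), false);
                    } else {
                        $layout->navigate_notification(t(262, 'Error uploading file'), true, true);
                    }
                }
            }
            // no break: continue to the grid

        default:
            $list = extension::list_installed(null, false);
            $out = extensions_grid($list);
            break;
    }

    return $out;
}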
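/**
 * Themes package controller: dispatches on the 'act' request parameter.
 *
 * Actions handled: 'theme_info', 'remove', 'theme_sample_content_import',
 * 'theme_sample_content_export', 'install_from_hash', 'theme_upload' and 'themes' (also the default).
 * 'install_from_hash' and 'theme_upload' deliberately fall through so the themes grid is rendered
 * right after an installation attempt.
 *
 * Every value read from $_REQUEST, $_GET, $_POST and $_FILES is attacker-controllable. Both install
 * paths unpack an archive under NAVIGATE_PATH . '/themes/', so they are gated on the "themes.install"
 * permission and on a directory name that cannot point outside that folder.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function, and 'install_from_hash' is driven
 * by a GET parameter; 'remove' and 'opt=install' show no permission check here either. Confirm that the
 * caller enforces both before this function runs.
 *
 * @return mixed output of themes_grid() or themes_sample_content_export_form(); several actions echo
 *               their response and call core_terminate() instead
 */
function run()
{
    global $user;
    global $layout;
    global $website;
    global $theme;
    global $DB;

    $out = '';
    $act = isset($_REQUEST['act']) ? $_REQUEST['act'] : null;

    switch ($act) {
        case 'theme_info':
            // The theme name is reflected into an attribute that is also a URL path: percent-encode it
            // as a single path segment, then HTML-escape the whole attribute value.
            $theme_segment = '';
            if (isset($_REQUEST['theme']) && is_string($_REQUEST['theme'])) {
                $theme_segment = rawurlencode($_REQUEST['theme']);
            }
            $info_url = NAVIGATE_URL . '/themes/' . $theme_segment . '/' . $theme_segment . '.info.html';
            echo '<iframe src="' . htmlspecialchars($info_url, ENT_QUOTES, 'UTF-8') . '" scrolling="auto" frameborder="0" width="100%" height="100%"></iframe>';
            core_terminate();
            break;

        case 'remove':
            // check the theme is not actually used in any website
            $usages = $DB->query_single('COUNT(*)', 'nv_websites', ' theme = ' . protect($_REQUEST['theme']));
            if ($usages == 0) {
                try {
                    $theme = new theme();
                    $theme->load($_REQUEST['theme']);
                    $status = $theme->delete();
                    echo json_encode($status);
                } catch (Exception $e) {
                    echo $e->getMessage();
                }
            } else {
                $status = t(537, "Can't remove the theme because it is currently being used by another website.");
                echo $status;
            }
            core_terminate();
            break;

        case 'theme_sample_content_import':
            try {
                $theme->import_sample();
                $layout->navigate_notification(t(374, "Item installed successfully."), false);
            } catch (Exception $e) {
                $layout->navigate_notification($e->getMessage(), true, true);
            }
            $themes = theme::list_available();
            $out = themes_grid($themes);
            break;

        case 'theme_sample_content_export':
            if (empty($_POST)) {
                $out = themes_sample_content_export_form();
            } else {
                $categories = explode(',', $_POST['categories']);
                // NOTE(review): 'folder' is passed through as received; theme::export_sample() is not
                // visible here, so confirm it validates the value before using it as a path.
                $folder = $_POST['folder'];
                $items = explode(',', $_POST['elements']);
                $block_groups = explode(',', $_POST['block_groups']);
                $blocks = explode(',', $_POST['blocks']);
                $comments = explode(',', $_POST['comments']);
                theme::export_sample($categories, $items, $block_groups, $blocks, $comments, $folder);
                core_terminate();
            }
            break;

        case 'install_from_hash':
            $url = isset($_GET['hash']) ? base64_decode($_GET['hash']) : '';
            if (!empty($url) && $user->permission("themes.install") == "true") {
                $error = false;
                $query = array();
                parse_str((string) parse_url($url, PHP_URL_QUERY), $query);

                // The URL is fetched server-side and may reach file_get_contents(): accept web URLs only,
                // so stream wrappers and local files cannot be used as the download source.
                $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
                $scheme_ok = in_array($scheme, array('http', 'https'), true);

                // 'code' becomes both a temp file name and the theme folder name: it must be a single,
                // non-empty path component.
                $code = (isset($query['code']) && is_string($query['code'])) ? $query['code'] : '';
                $code_ok = $code !== ''
                    && $code !== '.'
                    && $code !== '..'
                    && strpos($code, "\0") === false
                    && strpos($code, '/') === false
                    && strpos($code, '\\') === false;

                if (!$scheme_ok || !$code_ok) {
                    $layout->navigate_notification(t(344, 'Security error'), true, true);
                } else {
                    // NOTE(review): the download host is not restricted and the archive is not verified
                    // (signature or checksum) before extraction; consider pinning the marketplace origin.
                    $tmp_file = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $code . '.zip';
                    @core_file_curl($url, $tmp_file);
                    if (@filesize($tmp_file) == 0) {
                        @unlink($tmp_file);
                        // core file curl failed, try using file_get_contents...
                        $tmp = @file_get_contents($url);
                        if (!empty($tmp)) {
                            @file_put_contents($tmp_file, $tmp);
                        }
                        unset($tmp);
                    }

                    if (@filesize($tmp_file) > 0) {
                        // uncompress ZIP and copy it to the themes dir
                        @mkdir(NAVIGATE_PATH . '/themes/' . $code);
                        $zip = new ZipArchive();
                        $zip_open_status = $zip->open($tmp_file);
                        if ($zip_open_status === TRUE) {
                            $zip->extractTo(NAVIGATE_PATH . '/themes/' . $code);
                            $zip->close();
                            $layout->navigate_notification(t(374, "Item installed successfully."), false);
                        } else {
                            $layout->navigate_notification('ERROR ' . $zip_open_status, true, true);
                            $error = true;
                        }
                    } else {
                        $layout->navigate_notification(t(56, 'Unexpected error'), true, true);
                        $error = true;
                    }

                    // the downloaded archive is no longer needed once it has been processed
                    @unlink($tmp_file);

                    if ($error) {
                        $layout->add_content(' <div id="navigate_marketplace_install_from_hash_error"> <p>' . t(529, "It has not been possible to download the item you have just bought from the marketplace.") . '</p> <p>' . t(530, "You have to visit your Marketplace Dashboard and download the file, then use the <strong>Install from file</strong> button you'll find in the actions bar on the right.") . '</p> <p>' . t(531, "Sorry for the inconvenience.") . '</p> <a class="uibutton" href="http://www.navigatecms.com/en/marketplace/dashboard" target="_blank"><span class="ui-icon ui-icon-extlink" style="float: left;"></span> ' . t(532, "Navigate CMS Marketplace") . '</a> </div> ');
                        $layout->add_script(' $("#navigate_marketplace_install_from_hash_error").dialog({ modal: true, title: "' . t(56, "Unexpected error") . '" }); ');
                    }
                }
            }
            // don't break, we want to show the themes grid right now (theme_upload by browser upload won't trigger)

        case 'theme_upload':
            if (isset($_FILES['theme-upload']) && $_FILES['theme-upload']['error'] == 0 && $user->permission("themes.install") == "true") {
                // uncompress ZIP and copy it to the themes dir
                // The folder name is the upload name up to its first dot. A name without any dot used to
                // yield an empty folder name, which extracted the archive straight into the themes root.
                $upload_name = (string) $_FILES['theme-upload']['name'];
                $first_dot = strpos($upload_name, '.');
                $tmp = trim($first_dot === false ? $upload_name : substr($upload_name, 0, $first_dot));
                $theme_name = filter_var($tmp, FILTER_SANITIZE_EMAIL);
                // Reject empty names and any name the sanitizer had to alter (path separators, spaces...).
                if ($tmp === '' || $tmp !== $theme_name) {
                    $layout->navigate_notification(t(344, 'Security error'), true, true);
                } else {
                    @mkdir(NAVIGATE_PATH . '/themes/' . $theme_name);
                    $zip = new ZipArchive();
                    if ($zip->open($_FILES['theme-upload']['tmp_name']) === TRUE) {
                        $zip->extractTo(NAVIGATE_PATH . '/themes/' . $theme_name);
                        $zip->close();
                        $layout->navigate_notification(t(374, "Item installed successfully."), false);
                    } else {
                        $layout->navigate_notification(t(262, 'Error uploading file'), true, true);
                    }
                }
            }
            // don't break, we want to show the themes grid right now

        case 'themes':
        default:
            if (isset($_REQUEST['opt']) && $_REQUEST['opt'] == 'install') {
                $ntheme = new theme();
                $ntheme->load($_REQUEST['theme']);
                $website->theme = $ntheme->name;

                // make sure the options object exists before its style is assigned
                if (empty($website->theme_options)) {
                    $website->theme_options = json_decode('{"style": ""}');
                }

                if (!empty($ntheme->styles)) {
                    // select the first style the theme declares
                    $nst = array_keys(get_object_vars($ntheme->styles));
                    $website->theme_options->style = array_shift($nst);
                } else {
                    $website->theme_options->style = "";
                }

                try {
                    $website->update();
                    $layout->navigate_notification(t(374, "Item installed successfully."), false);
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            }
            $themes = theme::list_available();
            $out = themes_grid($themes);
            break;
    }

    return $out;
}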
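/**
 * Sends all web users of the current website to the browser as a CSV attachment named webusers.csv,
 * then calls core_terminate().
 *
 * The export holds personal data (e-mail, address, phone, private comment), so it is built in a
 * php://temp stream instead of a named file in the temporary directory: nothing is left on disk if the
 * request is interrupted before the clean-up step.
 *
 * NOTE(review): no permission check is visible in this method; confirm the caller restricts it.
 * NOTE(review): cell values are written exactly as stored. If any column can hold visitor-supplied text
 * starting with "=", "+", "-" or "@", a spreadsheet may treat it as a formula when the file is opened;
 * confirm whether such cells must be neutralised on export.
 *
 * @param string $type Requested export format; not read by this implementation, which always emits CSV
 */
public static function export($type = 'csv')
{
    global $DB;
    global $website;

    $DB->query(' SELECT id, website, username, email, groups, fullname, gender, ' . ' birthdate, language, country, timezone, address, zipcode, location, phone, social_website, joindate, lastseen, newsletter, private_comment, access, access_begin, access_end FROM nv_webusers WHERE website = ' . protect($website->id), 'array');

    // column labels, in the same order as the SELECT list above
    $header_row = array(
        "id",
        t(177, 'Website') . ' [NV]',
        t(1, 'User'),
        t(44, 'E-Mail'),
        t(506, 'Groups'),
        t(159, 'Name'),
        t(304, 'Gender'),
        t(248, 'Birthdate'),
        t(46, 'Language'),
        t(224, 'Country'),
        t(97, 'Timezone'),
        t(233, 'Address'),
        t(318, 'Zip code'),
        t(319, 'Location'),
        t(320, 'Phone'),
        t(177, 'Website'),
        t(247, 'Date joined'),
        t(563, 'Last seen'),
        t(249, 'Newsletter'),
        t(538, 'Private comment'),
        t(364, 'Access'),
        t(364, 'Access') . ' / ' . t(623, 'Begin'),
        t(364, 'Access') . ' / ' . t(624, 'End'),
    );

    $rows = $DB->result();
    if (!is_array($rows) && !($rows instanceof Traversable)) {
        // nothing iterable came back: export the header row only
        $rows = array();
    }

    $fp = fopen('php://temp', 'w+');
    fputcsv($fp, $header_row);
    foreach ($rows as $row) {
        fputcsv($fp, $row);
    }

    // every row has been written, so the stream position is the exact body length
    $length = ftell($fp);
    rewind($fp);

    header('Content-Description: File Transfer');
    header('Content-Type: text/csv');
    header('Content-Disposition: attachment; filename=webusers.csv');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . $length);

    // discard anything already buffered so the download body is only the CSV
    if (ob_get_level() > 0) {
        ob_clean();
    }
    flush();

    fpassthru($fp);
    fclose($fp);

    core_terminate();
}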
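/**
 * Templates package controller: dispatches on the 'act' request parameter.
 *
 * Actions handled: 'json' / 1 (grid data and bulk delete), 'load' / 2 (edit form and save),
 * 'save_template_file', 4 (remove), 'template_property_load', 'template_property_save',
 * 'template_property_remove', and the list view for anything else.
 *
 * All request values are attacker-controllable. This function writes template files to disk and
 * deletes templates and properties.
 *
 * NOTE(review): no permission check or anti-CSRF token check is visible in this function, and the
 * state-changing actions read $_REQUEST, so they also accept GET; confirm the caller enforces both.
 *
 * @return mixed output of templates_form() or templates_list(); the JSON and property actions echo
 *               their response and end the request instead
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;

    $out = '';
    $item = new template();
    $act = isset($_REQUEST['act']) ? $_REQUEST['act'] : null;

    switch ($act) {
        case 'json':
        case 1:
            // json data retrieval & operations
            $oper = isset($_REQUEST['oper']) ? $_REQUEST['oper'] : null;
            switch ($oper) {
                case 'del':
                    // remove rows
                    $ids = (isset($_REQUEST['ids']) && is_array($_REQUEST['ids'])) ? $_REQUEST['ids'] : array();
                    foreach ($ids as $id) {
                        $item->load($id);
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;

                default:
                    // list or search
                    // we have to merge the theme templates with the custom private templates (which are defined in the DB)
                    // as we don't expect a lot of templates, we will always return the whole dataset
                    // for this reason, paginate is useless

                    // template::search() is not visible here; in case it places the order clause into a
                    // query, the column is limited to an identifier and the direction to asc/desc.
                    $sidx = (isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx'])) ? $_REQUEST['sidx'] : '';
                    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_.]*$/', $sidx)) {
                        $sidx = 'id';
                    }
                    $sord = (isset($_REQUEST['sord']) && is_string($_REQUEST['sord'])) ? strtolower($_REQUEST['sord']) : '';
                    if ($sord !== 'desc') {
                        $sord = 'asc';
                    }
                    $orderby = $sidx . ' ' . $sord;

                    if (isset($_REQUEST['quicksearch'])) {
                        $dataset = template::search($orderby, array('quicksearch' => $_REQUEST['quicksearch']));
                    } else {
                        $dataset = template::search($orderby);
                    }

                    // an empty or missing dataset is reported as zero rows instead of being counted
                    $rows = empty($dataset) ? 0 : count($dataset);
                    $total = $rows;

                    $out = array();
                    $permissions = array(
                        0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(69, 'Published'),
                        1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(70, 'Private'),
                        2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(81, 'Hidden'),
                    );

                    for ($i = 0; $i < $rows; $i++) {
                        $out[$i] = array(
                            0 => $dataset[$i]['id'],
                            1 => $dataset[$i]['title'],
                            2 => $dataset[$i]['theme'],
                            3 => $permissions[$dataset[$i]['permission']],
                            4 => $dataset[$i]['enabled'] == 1 ? '<img src="img/icons/silk/accept.png" />' : '<img src="img/icons/silk/cancel.png" />',
                        );
                    }

                    navitable::jqgridJson($out, 1, 0, PHP_INT_MAX, $total);
                    break;
            }
            core_terminate();
            break;

        case 'load':
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                if (is_numeric($_REQUEST['id'])) {
                    $item->load(intval($_REQUEST['id']));
                } else {
                    $item->load_from_theme($_REQUEST['id']);
                }
            }

            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    if (!empty($_REQUEST['property-enabled'])) {
                        $enableds = array_values($_REQUEST['property-enabled']);
                    } else {
                        $enableds = array();
                    }
                    property::reorder("template", $item->id, $_REQUEST['template-properties-order'], $enableds);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                // NOTE(review): the whole request is stored in the users log; confirm it cannot carry
                // secrets (session identifiers, credentials) into that table.
                users_log::action($_REQUEST['fid'], $item->id, 'save', $item->title, json_encode($_REQUEST));
            } else {
                users_log::action($_REQUEST['fid'], $item->id, 'load', $item->title);
            }

            $out = templates_form($item);
            break;

        case 'save_template_file':
            // save template html
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }

            $data = isset($_REQUEST['templates-file-edit-area']) ? $_REQUEST['templates-file-edit-area'] : '';
            // NOTE(review): CRLF is turned into a bare CR, not LF; confirm this is intended.
            $data = str_replace("\r\n", "\r", $data);

            // The target path is built from the stored template file name: refuse an empty name (no
            // template loaded) and any name with a NUL byte or a ".." segment, so the write stays
            // inside the website's templates folder.
            $template_file = isset($item->file) ? (string) $item->file : '';
            $written = false;
            if (
                $template_file !== ''
                && strpos($template_file, "\0") === false
                && !preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $template_file)
            ) {
                $written = file_put_contents(NAVIGATE_PRIVATE . '/' . $website->id . '/templates/' . $template_file, $data);
            }

            echo json_encode($written > 0);
            session_write_close();
            exit;
            break;

        case 4:
            // remove
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                } else {
                    // flagged as an error, like the other failure notifications in this function
                    $layout->navigate_notification(t(56, 'Unexpected error.'), true, true);
                }
                // the failure path used to call webdictionary_list(), which belongs to another package
                $out = templates_list();
                // argument order matches the other users_log::action() calls: action first, then title
                users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->title);
            }
            break;

        case 'template_property_load':
            $property = new property();
            if (!empty($_REQUEST['id'])) {
                if (is_numeric($_REQUEST['id'])) {
                    $property->load(intval($_REQUEST['id']));
                } else {
                    $property->load_from_theme($_REQUEST['id'], null, 'template', $_REQUEST['template']);
                }
            }
            header('Content-type: text/json');
            $types = property::types();
            $property->type_text = $types[$property->type];
            echo json_encode($property);
            session_write_close();
            exit;
            break;

        case 'template_property_save':
            // save property details
            $property = new property();
            if (!empty($_REQUEST['property-id'])) {
                $property->load(intval($_REQUEST['property-id']));
            }
            $property->load_from_post();
            $property->save();
            header('Content-type: text/json');
            $types = property::types();
            $property->type_text = $types[$property->type];
            echo json_encode($property);
            session_write_close();
            exit;
            break;

        case 'template_property_remove':
            // remove property
            $property = new property();
            if (!empty($_REQUEST['property-id'])) {
                $property->load(intval($_REQUEST['property-id']));
            }
            $property->delete();
            session_write_close();
            exit;
            break;

        case 0:
            // list / search result
        default:
            $out = templates_list();
            break;
    }

    return $out;
}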